1. 首頁
  2. 問答
  3. 問題簽署與Windows的Java 8u121 XML

問題簽署與Windows的Java 8u121 XML

2017-03-28 48 views
1

我已經用java 8日簽署了一個XML文件沒有問題,直到我升級到的Java 8u121版本,代碼:問題簽署與Windows的Java 8u121 XML

String xml_entrada = "D:\\CeslySoft\\Ivap_facturador\\CPE\\FirmaXML\\Schema-20480510144-RC-20170327-0001.xml"; 
    String xml_salida = "D:\\CeslySoft\\Ivap_facturador\\CPE\\FirmaXML\\20480510144-RC-20170327-0001.xml"; 
    String certi_digital = "D:\\CeslySoft\\Ivap_facturador\\Certificados\\molchiclayo1.jks";   
    String clave = "9ghi0nmbR0ft"; 
    String alias = "1"; 
    String tipodoc = "09";  

    int indice = (tipodoc.equals("09")? 0: 1);  
    XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM"); 
    Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1,null), 
      Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), 
      null,null);  
    SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, 
      (C14NMethodParameterSpec) null), 
      fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null), 
      Collections.singletonList(ref)); 

    KeyStore ks = KeyStore.getInstance("JKS"); 
    ks.load(new FileInputStream(certi_digital), clave.toCharArray()); 
    KeyStore.PrivateKeyEntry keyEntry 
     = (KeyStore.PrivateKeyEntry) ks.getEntry(alias, new KeyStore.PasswordProtection(clave.toCharArray())); 

    X509Certificate cert = (X509Certificate) keyEntry.getCertificate(); 

    KeyInfoFactory kif = fac.getKeyInfoFactory(); 
    List<Object> x509content = new ArrayList<>(); 
    x509content.add(cert.getSubjectX500Principal().getName()); 
    x509content.add(cert);  
    X509Data xd = kif.newX509Data(x509content); 
    KeyInfo ki = kif.newKeyInfo(Collections.singletonList(xd)); 

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); 
    dbf.setNamespaceAware(true);   
    //Document doc = dbf.newDocumentBuilder().parse(new FileInputStream(xml_entrada)); 
    InputSource is = new InputSource(new InputStreamReader(new FileInputStream(xml_entrada), "ISO-8859-1")); 
    Document doc = dbf.newDocumentBuilder().parse(is); 

    Node nodePadre = doc.getElementsByTagName("ext:ExtensionContent").item(indice);  
    nodePadre.getNodeValue(); 
    DOMSignContext dsc = new DOMSignContext(keyEntry.getPrivateKey(), nodePadre); 

    XMLSignature signature = fac.newXMLSignature(si, ki, null, "SignatureSP", null); 
    signature.sign(dsc); 

    OutputStream os = new FileOutputStream(xml_salida); 
    TransformerFactory tf = TransformerFactory.newInstance(); 
    Transformer trans = tf.newTransformer(); 
    trans.setOutputProperty(OutputKeys.ENCODING, "ISO-8859-1"); 

    trans.transform(new DOMSource(doc), new StreamResult(os));

的錯誤是在行代碼:

signature.sign(dsc)

錯誤是:

javax.xml.crypto.XMLSignatureException: java.security.InvalidKeyException: Invalid RSA private key

......

在Java 8u121之前的版本中,不會發生任何錯誤。

來源

2017-03-28 Carlos G.

+0

我認爲你缺少http://www.oracle.com/technetwork/java/javase/downloads/jce8-download- 2133166.html – EpicPandaForce

+0

我已經在許多機器上安裝了8u112,8u111 .. 8u101的java版本,並且不需要任何擴展來執行正常。問題在於java 8u121的最新版本,我不得不卸載最新版本並安裝任何以前的版本,以免它產生任何錯誤。 –

回答

0

這是由於在JDK 8u121(http://www.oracle.com/technetwork/java/javase/8u121-relnotes-3315208.html)中進行了修復而引起的錯誤「更多檢查添加到DER編碼解析代碼更多檢查被添加到DER編碼解析代碼以捕獲各種編碼錯誤。包含構建不定長度編碼現在,在解析時引發IOException異常。請注意,使用JDK默認提供不受這種變化產生的簽名。 JDK-8168714(不公開)「

這已經與JDK-8175251已定(https://bugs.openjdk.java.net/browse/JDK-8175251),它將在下一個JDK更新中提供。修復已經在JDK 8u152中存在,其早期訪問版本可以從https://jdk8.java.net/download.html下載

來源

2017-04-04 08:43:46

+0

Thansk。懷疑這是造成問題的JDK 8u121中的一個錯誤,謝謝您的確認。 –

相關問題

 相關問題