import java.io.FileInputStream;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.List;
import javax.xml.XMLConstants;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.X509Data;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import sun.security.x509.X509CertImpl;
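/**
 * Command-line check of an enveloped XML digital signature (XML-DSig).
 *
 * <p>The verification key is read from the X.509 certificate carried inside the
 * document's own {@code <KeyInfo>}. A "passed" result therefore only shows that the
 * document is consistent with that embedded certificate; it does not show that the
 * certificate belongs to a signer you trust.
 */
public class Test {
    /** Input file used when no path is given on the command line. */
    private static final String DEFAULT_SIGNED_FILE = "生产入库记录.xml";

    /**
     * Validates the signature of one signed XML file and prints the outcome.
     *
     * @param args optional; {@code args[0]} is the path of the signed XML file. When
     *     absent, the built-in default file name is used.
     * @throws Exception if the file cannot be read or parsed, or if it carries no usable
     *     signature or certificate
     */
    public static void main(String[] args) throws Exception {
        String signedFile = (args != null && args.length > 0) ? args[0] : DEFAULT_SIGNED_FILE;
        validate(signedFile);
    }

    /**
     * Parses {@code signedFile}, unmarshals its first {@code <Signature>} element and runs
     * core validation against the public key of the embedded X.509 certificate.
     *
     * <p>On failure, the signature value and every reference are re-checked individually
     * and their status is printed, so the failing part can be identified.
     *
     * @param signedFile path of the signed XML document
     * @throws Exception if the document cannot be parsed, contains no {@code <Signature>},
     *     or its {@code <KeyInfo>} holds no X.509 certificate
     */
    private static void validate(String signedFile) throws Exception {
        // The document is untrusted input: refuse DOCTYPE declarations (and with them
        // external entities) and XInclude before parsing. setFeature throws if the
        // parser does not support a feature, which is preferable to parsing unhardened.
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        dbf.setXIncludeAware(false);
        dbf.setExpandEntityReferences(false);

        // try-with-resources so the file handle is released even when parsing fails.
        Document doc;
        try (FileInputStream in = new FileInputStream(signedFile)) {
            doc = dbf.newDocumentBuilder().parse(in);
        }

        // NOTE(review): the first <Signature> found anywhere in the tree is used, and
        // nothing below checks which elements its references actually cover. A caller
        // that goes on to consume the document should confirm that the data it reads is
        // the data that was signed.
        NodeList nl = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
        if (nl.getLength() == 0) {
            throw new Exception("Cannot find Signature element");
        }
        Node signatureNode = nl.item(0);

        XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
        XMLSignature signature = fac.unmarshalXMLSignature(new DOMStructure(signatureNode));

        KeyInfo keyInfo = signature.getKeyInfo();
        if (keyInfo == null) {
            throw new Exception("Signature has no KeyInfo element");
        }
        X509Certificate cert = findCertificate(keyInfo);
        if (cert == null) {
            throw new Exception("KeyInfo contains no X509Certificate");
        }

        // NOTE(review): this key comes from the document being verified. Whoever wrote
        // the document chose the certificate, so validation against it proves integrity
        // only. Before relying on the result for authenticity, build and validate the
        // certificate path against a trust anchor you control (or pin the expected
        // certificate) and check validity period and revocation.
        PublicKey pubKey = cert.getPublicKey();

        DOMValidateContext valCtx = new DOMValidateContext(pubKey, signatureNode);
        // Ask the XML-DSig provider for its secure-validation mode explicitly rather
        // than depending on the JDK default.
        valCtx.setProperty("org.jcp.xml.dsig.secureValidation", Boolean.TRUE);

        boolean coreValidity = signature.validate(valCtx);
        if (!coreValidity) {
            System.err.println("Core validation failed");
            // Break the failure down: signature value first, then each reference digest.
            boolean sv = signature.getSignatureValue().validate(valCtx);
            System.out.println("Signature validation status: " + sv);
            List<?> refs = signature.getSignedInfo().getReferences();
            for (int i = 0; i < refs.size(); i++) {
                Reference ref = (Reference) refs.get(i);
                boolean refValid = ref.validate(valCtx);
                System.out.println("Reference[" + i + "] validity status: " + refValid);
            }
        } else {
            System.out.println("Signature passed core validation");
        }
    }

    /**
     * Returns the first X.509 certificate found in any {@code X509Data} entry of
     * {@code keyInfo}, or {@code null} when there is none.
     *
     * <p>Entries are matched by type rather than by position, and against the public
     * {@link X509Certificate} API rather than a JDK-internal implementation class.
     */
    private static X509Certificate findCertificate(KeyInfo keyInfo) {
        for (Object entry : keyInfo.getContent()) {
            if (!(entry instanceof X509Data)) {
                continue;
            }
            for (Object item : ((X509Data) entry).getContent()) {
                if (item instanceof X509Certificate) {
                    return (X509Certificate) item;
                }
            }
        }
        return null;
    }
}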