1
我想验证包含XSLT转换的XML文件的数字签名。然而,当我确认这个消息,我收到以下错误:使用XSLT转换时XML数字签名验证失败
javax.xml.crypto.MarshalException: java.security.InvalidAlgorithmParameterException: XSLT Transform does not support specified parameter element: xsl:transform
文件的签名包含的变换,看起来像这样:
<xsl:transform xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
version="1.0">
<xsl:output encoding="UTF-8" indent="no" method="xml"
omit-xml-declaration="yes" standalone="yes" version="1.0" />
<xsl:template match="@*|*">
<xsl:copy>
<xsl:apply-templates select="@*|*" />
<xsl:apply-templates select="text()" />
</xsl:copy>
</xsl:template>
<xsl:template match="text()">
<xsl:choose>
<xsl:when test="../@codering = 'base64'">
<xsl:value-of select="translate(normalize-space(.), ' ', '')" />
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="normalize-space(.)" />
</xsl:otherwise>
</xsl:choose>
</xsl:template>
</xsl:transform>
用于验证XML文件中的代码看起来是这样的:
DocumentBuilderFactory documentBuilderFactory = documentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
Document xmlDocument = documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(document.getBytes()));
NodeList nodeList = xmlDocument.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
DOMValidateContext domValidateContext = new DOMValidateContext(new RsaSha256KeySelector(), nodeList.item(0));
XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance("DOM");
XMLSignature signature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
signatureIsValid = signature.validate(domValidateContext);
任何人有一个想法是什么,我做错了什么?
谢谢
您似乎使用'xsl:'进行转换本身,即在定义之前。你可以尝试删除第一个'xsl:'它或使用全名吗? –