java - 调用 XMLSignature.validate 并在 JBOSS 7 上运行时获取“当前节点：[#document：null]，类型：9”

问题描述

我有一个带有内容的签名 xml 文件：

<?xml version="1.0" encoding="utf-8" standalone="yes"?><ObjectMessage TXDATE="" TXNUM="" TXTIME="" TLID="" MBID="" LOCAL="N" MSGTYPE="O" OBJNAME="SA.SYSVAR" ACTIONFLAG="INQUIRY" CMDINQUIRY=" SELECT MAX(NVL(ACTUALVERSION,'')) AS ACTUALVERSION, MAX(NVL(AUTOUPDATE,'')) AS AUTOUPDATE, MAX(NVL(REPORTVERSION,'')) AS REPORTVERSION FROM (  SELECT VARVALUE AS ACTUALVERSION, '' AS AUTOUPDATE, '' REPORTVERSION FROM  SYSVAR WHERE VARNAME='ACTUALVERSION' UNION ALL SELECT '' AS ACTUALVERSION, VARVALUE AUTOUPDATE, '' REPORTVERSION  FROM  SYSVAR WHERE VARNAME='AUTOUPDATE' UNION ALL SELECT '' AS ACTUALVERSION, '' AUTOUPDATE, VARVALUE REPORTVERSION  FROM  SYSVAR WHERE VARNAME='REPORTVERSION')" CLAUSE="" FUNCTIONNAME="" AUTOID="" REFERENCE="" RESERVER="" IPADDRESS="192.168.22.22" CMDTYPE="T" PARENTOBJNAME="" PARENTCLAUSE="" SESSIONID="1A7FD51AB9F1989132EBEA49A3AF8F408AE906E35B84B7ED360F6CECC546EC6412674C14C693108735A9B8B0882261A9C44711AF60C343701D5BA1A6B5FCF2E40AB7858023C446E4B40CD0DFCE659032C083D3E5FA85504AF433F736BC39BD1A87D047430BF37B7B8D0EB960868A6C2C" REQUESTID="a341acd6-3540-48a0-9f92-b8e896bb1b50" CHILDTABLE=""><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><Reference URI=""><Transforms><Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><XPath>ancestor-or-self::Signature</XPath></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><DigestValue>2jmj7l5rSw0yVb/vlWAYkK/YBwk=</DigestValue></Reference></SignedInfo><SignatureValue>dz/JLG9rh+o5eAe34R4WQOBR/a+YJ3LCnSe6Uijh3bbwbXM6JvfLhux4T4DUJA+jb7UZoFWQ0orh7xAyh1ecWlyvrDSNrkWA3XjNuXLyxlNLOhOZIo4ou0glpLHGQHIC7u5q7OxLfBartbnnyZHvVrueFfwJvrZI4JkNqhwUll8=</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIEfDCCA2SgAwIBAgIQVAMHXnuXweJ+qlRbtOgaNTANBgkqhkiG9w0BAQUFADBJMQswCQYDVQQGEwJWTjEOMAwGA1UEBxMFSGFub2kxGTAXBgNVBAoTEEJrYXYgQ29ycG9yYXRpb24xDzANBgNVBAMTBkJrYXZDQTAeFw0xODA0MDQwNDUwNDRaFw0yMDA1MTUwMzM1NDhaMIHNMTEwLwYKCZImiZPyLGQBAQwhQ01ORDowMTAyNjg0MDA2LUNNTkQ6MDM0MDgzMDAwMDM0MRwwGgYDVQQDDBNM4bqhaSBI4buvdSBExrDGoW5nMUMwQQYDVQQKDDpDw7RuZyBUeSBD4buVIFBo4bqnbiBHaeG6o2kgUGjDoXAgUGjhuqduIE3hu4FtIFTDoGkgQ2jDrW5oMRQwEgYDVQQHDAtUaGFuaCBYdcOibjESMBAGA1UECAwJSMOgIE7hu5lpMQswCQYDVQQGEwJWTjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAnO6nPGRJo77txMVboWcG4JtM1KF+Fo0qzuw4y22cUDcRYZY0FWPMWOs0rB9cxuMz8wgtonyabnjEwsNDCrvozPwRVYZwmeLrDS1aFPx5/Q9qDeYyTPTaEYrg0roTVSMKp+vmeUTWkZB0E2YWBfU1Pg6lgPTVHe/mlH1VQmgwkvcCAwEAAaOCAV0wggFZMDEGCCsGAQUFBwEBBCUwIzAhBggrBgEFBQcwAYYVaHR0cDovL29jc3AuYmthdmNhLnZuMB0GA1UdDgQWBBRZq1U4DEA/D5DmAZcr+IRQqVgVozAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFB6wD0iX39DDZ6dGhDtYO4gNU5SGMH8GA1UdHwR4MHYwdKAjoCGGH2h0dHA6Ly9jcmwuYmthdmNhLnZuL0JrYXZDQS5jcmyiTaRLMEkxDzANBgNVBAMMBkJrYXZDQTEZMBcGA1UECgwQQmthdiBDb3Jwb3JhdGlvbjEOMAwGA1UEBwwFSGFub2kxCzAJBgNVBAYTAlZOMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSUEGDAWBggrBgEFBQcDBAYKKwYBBAGCNwoDDDAkBgNVHREEHTAbgRl0aHV5Lm5ndXllbmxlQGZzc2MuY29tLnZuMA0GCSqGSIb3DQEBBQUAA4IBAQC6nSJ4Uiuca1uQ5BRihpbep8qTPakG571zmD/MchVjVAykRmvvPUMb/+osXVFiy7DdDkuvmn2oOZGUtd16uTd13MRtNyjGHZB8aOEmi8LElV9YUzSw17VWkN9MWOtmJDo76RRND0S8CaIXYEI09vAtoeUr0GGEpu1rxUnfgTv3BaR86I0gm+6RWbBBGT9YtT/HSrua6WDp6aI3sN7sWCSl4j7nIWVPyfkJYxP6VTA8XboTeTMGLl+zZBLjwbVtdRDa6hjNhUF+P2yDR+U0b1tUGfJu3HRmKEAr7+BrKHfa9ZQNzK9uvV4/+DOj5vAzGozX2fKpFriS0MZ5dQoo/0UB</X509Certificate></X509Data></KeyInfo></Signature></ObjectMessage>

我尝试用java代码验证它：

    File fff = new File("S:\\signeData.xml");
    FileInputStream fileInputStream = new FileInputStream(fff);

    long byteLength = fff.length();

    byte[] filecontent = new byte[(int) byteLength];
    fileInputStream.read(filecontent, 0, (int) byteLength);
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setNamespaceAware(true);
    Document doc = dbf.newDocumentBuilder()
            .parse(new ByteArrayInputStream(filecontent));

    dbf.setNamespaceAware(true);

    NodeList nl = doc.getElementsByTagNameNS(XMLSignature.XMLNS,
                "Signature");

   String providerName = System.getProperty("jsr105Provider",
                "org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI");

   XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM",
                (Provider) Class.forName(providerName).newInstance());

   DOMValidateContext valContext = new DOMValidateContext(
                new XmlUtil.X509KeySelector(), nl.item(nl.getLength() - 1));
   XMLSignature signature = fac.unmarshalXMLSignature(valContext);
   res = signature.validate(valContext);

几乎其他的 xml 文件都可以被认证，除了这个文件。res=signature.validate(valContext)它与Current Node: [#document: null], type: 9消息一起崩溃。令人费解的一点是，如果我在eclipse上运行这段代码，一切正常，文件验证成功。仅当代码在 JBOSS 7 上运行时才会出现此错误，仅使用此文件。

标签： javaxmljbossxml-signature