ESYAE-imza Kütüphaneleri

User Tools

Site Tools


esya:xades:kod-imza-yapilari

XAdES İmza Yapıları

Kodları tr.gov.tubitak.uekae.esya.api.xades.example.structures paketi altında bulabilirsiniz.

Ayrık (Detached) İmza

İmzalanan dökümanın imzadan ayrı olduğu imza şeklidir. Örneği Detached sınıfındadır.

// create context with working directory
Context context = createContext();

// create signature according to context,
// with default type (XADES_BES)
XMLSignature signature = new XMLSignature(context);

// add document as reference, but do not embed it
// into the signature (embed=false)
signature.addDocument("./sample.txt", "text/plain", false);

signature.getSignedInfo().setSignatureMethod(SignatureMethod.RSA_SHA256);

// false-true gets non-qualified certificates while true-false gets qualified ones
X509Certificate cert = JSmartCardManager.getInstance().getSignatureCertificate(true, false);

// add certificate to show who signed the document
signature.addKeyInfo(new ECertificate(cert.getEncoded()));

// now sign it by using smart card
signature.sign(JSmartCardManager.getInstance().getSigner(PIN, cert));

signature.write(new FileOutputStream(BASE_DIR + SIGNATURE_FILENAME));

Zarflayan (Enveloping) İmza

İmzalanan dökümanın imzanın içine konduğu imza şeklidir. Örnek kod Enveloping içindedir.

// create context with working directory
Context context = createContext();

// create signature according to context,
// with default type (XADES_BES)
XMLSignature signature = new XMLSignature(context);

// add document as reference, and keep BASE64 version of data
// in an <Object tag, in a way that reference points to
// that <Object
// (embed=true)
signature.addDocument("./sample.txt", "text/plain", true);

signature.getSignedInfo().setSignatureMethod(SignatureMethod.RSA_SHA256);

// false-true gets non-qualified certificates while true-false gets qualified ones
X509Certificate cert = JSmartCardManager.getInstance().getSignatureCertificate(true, false);

// add certificate to show who signed the document
signature.addKeyInfo(new ECertificate(cert.getEncoded()));

// now sign it by using smart card
signature.sign(JSmartCardManager.getInstance().getSigner(PIN, cert));

signature.write(new FileOutputStream(BASE_DIR + SIGNATURE_FILENAME));

Zarflanmış (Enveloped) İmza

İmzanın XML dökümanının içine yerleştirildiği imzadır. Örnek kod Enveloped sınıfındadır.

// here is our custom envelope XML
Document envelopeDoc = newEnvelope();


// create context with working directory
Context context = createContext();

// define where signature belongs to
context.setDocument(envelopeDoc);


// create signature according to context,
// with default type (XADES_BES)
XMLSignature signature = new XMLSignature(context, false);

// attach signature to envelope
envelopeDoc.getDocumentElement().appendChild(signature.getElement());

// add document as reference,
signature.addDocument("#data1", "text/xml", false);

signature.getSignedInfo().setSignatureMethod(SignatureMethod.RSA_SHA256);

// false-true gets non-qualified certificates while true-false gets qualified ones
X509Certificate cert = JSmartCardManager.getInstance().getSignatureCertificate(true, false);

// add certificate to show who signed the document
signature.addKeyInfo(new ECertificate(cert.getEncoded()));

// now sign it by using smart card
signature.sign(JSmartCardManager.getInstance().getSigner(PIN, cert));


// this time we do not use signature.write because we need to write
// whole document instead of signature
Source source = new DOMSource(envelopeDoc);
Transformer transformer = TransformerFactory.newInstance().newTransformer();

// write to file
transformer.transform(source, new StreamResult(new FileOutputStream(BASE_DIR + SIGNATURE_FILENAME)));

Dönüşümlü Zarflanmış (Transformed Enveloped) İmza

Zarflanmış imzaya transform methodu dahil edilmesi ile oluşur. Örnek kod EnvelopedTransform içindedir.

Document envelopeDoc = newEnvelope();

Context context = createContext();
context.setDocument(envelopeDoc);

XMLSignature signature = new XMLSignature(context, false);

// attach signature to envelope
envelopeDoc.getDocumentElement().appendChild(signature.getElement());

Transforms transforms = new Transforms(context);
transforms.addTransform(new Transform(context, TransformType.ENVELOPED.getUrl()));

// add whole document(="") with envelope transform, with SHA256
// and don't include it into signature(false)
signature.addDocument("", "text/xml", transforms, DigestMethod.SHA_256, false);

signature.getSignedInfo().setSignatureMethod(SignatureMethod.RSA_SHA256);

// false-true gets non-qualified certificates while true-false gets qualified ones
X509Certificate cert = JSmartCardManager.getInstance().getSignatureCertificate(true, false);

// add certificate to show who signed the document
signature.addKeyInfo(new ECertificate(cert.getEncoded()));

// now sign it by using smart card
signature.sign(JSmartCardManager.getInstance().getSigner(PIN, cert));


Source source = new DOMSource(envelopeDoc);
Transformer transformer = TransformerFactory.newInstance().newTransformer();

// write to file
transformer.transform(source, new StreamResult(new FileOutputStream(BASE_DIR + SIGNATURE_FILENAME)));

esya/xades/kod-imza-yapilari.txt · Son değiştirilme: 2013/08/05 11:33 Değiştiren: Süleyman Uslu