Bu sayfa salt okunur. Kaynağı görebilirsiniz ama değiştiremezsiniz. Bunun yanlış olduğunu düşünüyorsanız yöneticiye danışın.
Kodları tr.gov.tubitak.uekae.esya.api.xades.example.structures paketi altında bulabilirsiniz.
tr.gov.tubitak.uekae.esya.api.xades.example.structures
İmzalanan dökümanın imzadan ayrı olduğu imza şeklidir. Örneği Detached sınıfındadır.
Detached
<sxh java> create context with working directory Context context = createContext(); create signature according to context, with default type (XADES_BES) XMLSignature signature = new XMLSignature(context); add document as reference, but do not embed it into the signature (embed=false) signature.addDocument("./sample.txt", "text/plain", false); signature.getSignedInfo().setSignatureMethod(SignatureMethod.RSA_SHA256); false-true gets non-qualified certificates while true-false gets qualified ones X509Certificate cert = JSmartCardManager.getInstance().getSignatureCertificate(true, false);
add certificate to show who signed the document signature.addKeyInfo(new ECertificate(cert.getEncoded())); now sign it by using smart card signature.sign(JSmartCardManager.getInstance().getSigner(PIN, cert));
signature.write(new FileOutputStream(BASE_DIR + SIGNATURE_FILENAME)); </sxh>
İmzalanan dökümanın imzanın içine konduğu imza şeklidir. Örnek kod Enveloping içindedir.
Enveloping
<sxh java> create context with working directory Context context = createContext(); create signature according to context, with default type (XADES_BES) XMLSignature signature = new XMLSignature(context); add document as reference, and keep BASE64 version of data in an <Object tag, in a way that reference points to that <Object (embed=true) signature.addDocument("./sample.txt", "text/plain", true); signature.getSignedInfo().setSignatureMethod(SignatureMethod.RSA_SHA256); false-true gets non-qualified certificates while true-false gets qualified ones X509Certificate cert = JSmartCardManager.getInstance().getSignatureCertificate(true, false);
İmzanın XML dökümanının içine yerleştirildiği imzadır. Örnek kod Enveloped sınıfındadır.
Enveloped
<sxh java> here is our custom envelope XML Document envelopeDoc = newEnvelope(); create context with working directory Context context = createContext();
define where signature belongs to context.setDocument(envelopeDoc); create signature according to context, with default type (XADES_BES) XMLSignature signature = new XMLSignature(context, false); attach signature to envelope envelopeDoc.getDocumentElement().appendChild(signature.getElement());
add document as reference, signature.addDocument("#data1", "text/xml", false); signature.getSignedInfo().setSignatureMethod(SignatureMethod.RSA_SHA256); false-true gets non-qualified certificates while true-false gets qualified ones X509Certificate cert = JSmartCardManager.getInstance().getSignatureCertificate(true, false);
this time we do not use signature.write because we need to write whole document instead of signature Source source = new DOMSource(envelopeDoc); Transformer transformer = TransformerFactory.newInstance().newTransformer();
write to file transformer.transform(source, new StreamResult(new FileOutputStream(BASE_DIR + SIGNATURE_FILENAME))); </sxh> ===== Dönüşümlü Zarflanmış (Transformed Enveloped) İmza ===== Zarflanmış imzaya transform methodu dahil edilmesi ile oluşur. Örnek kod EnvelopedTransform içindedir. <sxh java> Document envelopeDoc = newEnvelope(); Context context = createContext(); context.setDocument(envelopeDoc); XMLSignature signature = new XMLSignature(context, false); attach signature to envelope envelopeDoc.getDocumentElement().appendChild(signature.getElement());
EnvelopedTransform
Transforms transforms = new Transforms(context); transforms.addTransform(new Transform(context, TransformType.ENVELOPED.getUrl()));
add whole document(=_fckg_QUOTfckg_QUOT_) with envelope transform, with SHA256 and don't include it into signature(false) signature.addDocument("", "text/xml", transforms, DigestMethod.SHA_256, false); signature.getSignedInfo().setSignatureMethod(SignatureMethod.RSA_SHA256); false-true gets non-qualified certificates while true-false gets qualified ones X509Certificate cert = JSmartCardManager.getInstance().getSignatureCertificate(true, false); add certificate to show who signed the document signature.addKeyInfo(new ECertificate(cert.getEncoded())); now sign it by using smart card signature.sign(JSmartCardManager.getInstance().getSigner(PIN, cert)); Source source = new DOMSource(envelopeDoc); Transformer transformer = TransformerFactory.newInstance().newTransformer(); write to file transformer.transform(source, new StreamResult(new FileOutputStream(BASE_DIR + SIGNATURE_FILENAME))); </sxh>