I need to sign XML files with XAdES-EPES enveloped, RSA-SHA256, with this hash: Quzn98x3PMbSHwbUzaj5f5KOpiH0u8bvmwbbbNkO9Es
I signed the XML but it is not valid because I don't know how to enter that hash. This is my code:

    import java.io.ByteArrayInputStream;
    import java.io.File;
    import java.io.FileOutputStream;

    import javax.xml.parsers.DocumentBuilderFactory;
    import javax.xml.transform.TransformerFactory;
    import javax.xml.transform.dom.DOMSource;
    import javax.xml.transform.stream.StreamResult;

    import org.w3c.dom.Document;
    import org.w3c.dom.Element;

    import xades4j.production.*;
    import xades4j.properties.*;
    import xades4j.providers.*;
    import xades4j.providers.impl.*;
    import xades4j.utils.DOMHelper;

    public class Firma {
        private static final String FOLDER = "C:/ECLIPSE/PRUEBAS_Firma/";
        private static final String CERT = "SOLDISP_XXXXX.p12"; // Device certificate
        private static final String PASS = "xxxxxx";
        private static final String DOCUMENT = "C:/ECLIPSE/PRUEBAS_Firma/Ejemplo_TicketBAI_B00000034_B2022_0101_SinFirma.xml";

        public static void main(String[] args) throws Exception {
            System.setProperty("org.apache.xml.security.ignoreLineBreaks", "true");
            System.out.println(">>>>>>>>> Firmando XML");
            signEpes();
        }

        private static void signEpes() throws Exception {
            Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new File(DOCUMENT));
            Element elem = doc.getDocumentElement();
            DOMHelper.useIdAsXmlId(elem);
            KeyingDataProvider kdp = new FileSystemKeyStoreKeyingDataProvider("pkcs12", FOLDER + CERT,
                    new FirstCertificateSelector(), new DirectPasswordProvider(PASS), new DirectPasswordProvider(PASS),
                    true);
            // Policy: the stream passed here is built from the URL text itself
            SignaturePolicyInfoProvider policyInfoProvider = new SignaturePolicyInfoProvider() {
                @Override
                public SignaturePolicyBase getSignaturePolicy() {
                    return new SignaturePolicyIdentifierProperty(
                            new ObjectIdentifier(
                                    "https://www.batuz.eus/fitxategiak/batuz/ticketbai/sinadura_elektronikoaren_zehaztapenak_especificaciones_de_la_firma_electronica_v1_0.pdf",
                                    IdentifierType.URI, ""),
                            new ByteArrayInputStream(
                                    "https://www.batuz.eus/fitxategiak/batuz/ticketbai/sinadura_elektronikoaren_zehaztapenak_especificaciones_de_la_firma_electronica_v1_0.pdf"
                                            .getBytes())
                    );
                }
            };
            SignerEPES signer = (SignerEPES) new XadesEpesSigningProfile(kdp, policyInfoProvider).newSigner();
            new Enveloped(signer).sign(elem);
            outputDocument(doc, "Factura_firmada.xml");
        }

        protected static void outputDocument(Document doc, String fileName) throws Exception {
            TransformerFactory tf = TransformerFactory.newInstance();
            File outDir = ensureOutputDir();
            FileOutputStream out = new FileOutputStream(new File(outDir, fileName));
            tf.newTransformer().transform(new DOMSource(doc), new StreamResult(out));
            out.close();
        }

        private static File ensureOutputDir() {
            // java.io.File accepts the forward-slash path directly
            File dir = new File(FOLDER);
            dir.mkdir();
            return dir;
        }
    }

Please, can anyone help me??? Thanks in advance

The hash must be calculated from the source policy page stream. The code below does what you want; change whatever you need to adapt it to your scenario. You can change the code when you create the
I also give you the auxiliary code used for the HTTPS communication.
Of course, the "allow all certificates" operation for connecting to the URL must be avoided in production; instead, it is better to add the corresponding certificates to your certificate store.
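
The difference the answer points at, as an added example that is not code from either post: the policy digest covers the bytes of the policy document, whereas the question's code hashes the bytes of the URL text. The class name `PolicyDigestCheck`, the optional path argument (a locally saved copy of the policy PDF) and the stand-in bytes are assumptions made for illustration.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.security.*;
import java.util.Base64;

public class PolicyDigestCheck { // hypothetical class name
    // Digest value quoted in the question (Base64, without '=' padding).
    static final String EXPECTED = "Quzn98x3PMbSHwbUzaj5f5KOpiH0u8bvmwbbbNkO9Es";
    static final String POLICY_URL = "https://www.batuz.eus/fitxategiak/batuz/ticketbai/"
            + "sinadura_elektronikoaren_zehaztapenak_especificaciones_de_la_firma_electronica_v1_0.pdf";

    /** SHA-256 over every byte read from the stream. */
    static byte[] sha256(InputStream in) throws IOException, NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        try (DigestInputStream dis = new DigestInputStream(in, md)) {
            byte[] buf = new byte[8192];
            while (dis.read(buf) != -1) { /* each read updates the digest */ }
        }
        return md.digest();
    }

    /** Compares a digest with a published Base64 value, padded or not. */
    static boolean matches(byte[] digest, String publishedBase64) {
        try {
            return MessageDigest.isEqual(digest, Base64.getDecoder().decode(publishedBase64.trim()));
        } catch (IllegalArgumentException malformed) {
            return false;
        }
    }

    static void report(String label, byte[] digest) {
        System.out.printf("%-22s %s  matches expected: %b%n", label,
                Base64.getEncoder().encodeToString(digest), matches(digest, EXPECTED));
    }

    public static void main(String[] args) throws Exception {
        // What the question's code feeds to the signer: the bytes of the URL text.
        report("URL text:", sha256(new ByteArrayInputStream(POLICY_URL.getBytes(StandardCharsets.UTF_8))));

        // What the policy digest is meant to cover: the bytes of the policy document.
        // args[0] = path to a locally saved copy; otherwise a constructed stand-in is hashed.
        byte[] standIn = "%PDF-1.4 constructed stand-in, not the real policy".getBytes(StandardCharsets.UTF_8);
        try (InputStream doc = args.length > 0 ? Files.newInputStream(Paths.get(args[0]))
                                               : new ByteArrayInputStream(standIn)) {
            report("Policy document bytes:", sha256(doc));
        }
    }
}
```

Running the check against a saved copy of the policy file before signing shows whether that file is the one the published digest refers to; the same document bytes are what the stream argument of `SignaturePolicyIdentifierProperty` should supply.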