Xml signing with remote applet devices

2019-08-20 09:02发布

问题:

All files are stored in the cloud system. The average size of file 200MB.Very large size of the files.Also Usb token on the client side. I don't want to transfer entire file from the server to client. I just want to sign the hash of the file on the client side. How can I do this with the xades4j library?

回答1:

I'm not sure I fully understood, but here are some ideas:

  • Make the file accessible via HTTP. Xade4j (actually, the underlying Apache Santuario) already supports HTTP data object references. This requires that the file is downloaded to the client, which can be bad/undesirable. The file will be digested (hashed) as part of the normal signature production.

  • Use an anonymous data object reference, created with the hash of the file as illustrated here: https://code.google.com/p/xades4j/wiki/DefiningSignedResources. This value is the input for the data object reference, which means it will actually be digested again, but that shouldn't be a problem.

  • Use an EnvelopedXmlObject enclosing the hash. Explained in the same page as above.