如何在lucee中导入java.security.KeyStore.PasswordProtection

How to import java.security.KeyStore.PasswordProtection in lucee

我正在尝试在 Lucee 中使用 JKS XML 签名,但是在测试我的代码时出现以下错误

无法通过其字符串名称加载 class,因为无法找到具有指定名称 [java.security.KeyStore.PasswordProtection] 的 class 的定义,原因是 (java.lang.ClassNotFoundException: java.security.KeyStore.PasswordProtection;java.lang.ClassNotFoundException:java.security.KeyStore.PasswordProtection;)

Lucee“createObject”函数不导入java.security.KeyStore.PasswordProtection

我的代码:

<cfobject type="java" class="java.io.FileInputStream" name="FileInputStream"/>
<cfobject type="java" class="java.io.FileOutputStream" name="FileOutputStream"/>
<cfobject type="java" class="java.io.OutputStream" name="OutputStream"/>
<cfobject type="java" class="java.security.KeyStore" name="KeyStore"/>
<cfobject type="java" class="java.security.KeyStore.PasswordProtection" name="PasswordProtection"/>
<cfobject type="java" class="java.security.cert.X509Certificate" name="X509Certificate"/>
<cfobject type="java" class="java.util.ArrayList" name="ArrayList"/>
<cfobject type="java" class="java.util.Collections" name="Collections"/>
<cfobject type="java" class="java.util.List" name="List"/>
<cfobject type="java" class="javax.xml.crypto.dsig.CanonicalizationMethod" name="CanonicalizationMethod"/>
<cfobject type="java" class="javax.xml.crypto.dsig.DigestMethod" name="DigestMethod"/>
<cfobject type="java" class="javax.xml.crypto.dsig.Reference" name="Reference"/>
<cfobject type="java" class="javax.xml.crypto.dsig.SignedInfo" name="SignedInfo"/>
<cfobject type="java" class="javax.xml.crypto.dsig.Transform" name="Transform"/>
<cfobject type="java" class="javax.xml.crypto.dsig.XMLSignature" name="XMLSignature"/>
<cfobject type="java" class="javax.xml.crypto.dsig.XMLSignatureFactory" name="XMLSignatureFactory"/>
<cfobject type="java" class="javax.xml.crypto.dsig.dom.DOMSignContext" name="DOMSignContext"/>
<cfobject type="java" class="javax.xml.crypto.dsig.keyinfo.KeyInfo" name="KeyInfo"/>
<cfobject type="java" class="javax.xml.crypto.dsig.keyinfo.KeyInfoFactory" name="KeyInfoFactory"/>
<cfobject type="java" class="javax.xml.crypto.dsig.keyinfo.X509Data" name="X509Data"/>
<cfobject type="java" class="javax.xml.crypto.dsig.spec.C14NMethodParameterSpec" name="C14NMethodParameterSpec"/>
<cfobject type="java" class="javax.xml.crypto.dsig.spec.TransformParameterSpec" name="TransformParameterSpec"/>
<cfobject type="java" class="javax.xml.parsers.DocumentBuilderFactory" name="DocumentBuilderFactory"/>
<cfobject type="java" class="javax.xml.transform.Transformer" name="Transformer"/>
<cfobject type="java" class="javax.xml.transform.TransformerFactory" name="TransformerFactory"/>
<cfobject type="java" class="javax.xml.transform.dom.DOMSource" name="DOMSource"/>
<cfobject type="java" class="javax.xml.transform.stream.StreamResult" name="StreamResult"/>
<cfobject type="java" class="org.w3c.dom.Document" name="Document"/>

<cfscript>

    fac = XMLSignatureFactory.getInstance();

    // Create a Reference to the enveloped document (in this case,
    // you are signing the whole document, so a URI of "" signifies
    // that, and also specify the SHA1 digest algorithm and
    // the ENVELOPED Transform.
    writeOutput("Creating a reference to the enveloped document...");
    ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA256, nullValue()),Collections.singletonList(fac.newTransform(Transform.ENVELOPED, nullValue())), nullValue(), nullValue());

    // Create the SignedInfo.
    writeOutput("Creating a Signed Info...");
    si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, nullValue()),
    fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more##rsa-sha256", nullValue()), Collections.singletonList(ref));

    // Instantiate the document to be signed.
    writeOutput("Instantiate the document to be signed... in this case it's purchaseOrder.xml");
    dbf = DocumentBuilderFactory.newInstance();
    dbf.setNamespaceAware(true);
    doc = dbf.newDocumentBuilder().parse(FileInputStream.init(expandPath("purchaseOrder.xml")));


    writeOutput("Load the keystore stored in this project to get our keys and certificate...");
    // Load the KeyStore and get the signing key and certificate.
    ks = KeyStore.getInstance("JKS");
    ks.load(FileInputStream.init(expandPath("changeit.keystore")), "changeit".toCharArray());

    keyEntry = ks.getEntry("myAlias", KeyStore.PasswordProtection("changeit".toCharArray()));
    cert = keyEntry.getCertificate();
    // Create the KeyInfo containing the X509Data.
    kif = fac.getKeyInfoFactory();
    x509Content = new ArrayList();
    x509Content.add(cert.getSubjectX500Principal().getName());
    x509Content.add(cert);

    xd = kif.newX509Data(x509Content);

    ki = kif.newKeyInfo(Collections.singletonList(xd));

    // Create a DOMSignContext and specify the RSA PrivateKey and
    // location of the resulting XMLSignature's parent element.
    writeOutput("Creating a DomSignContext with our privateKey...");
    dsc = new DOMSignContext(keyEntry.getPrivateKey(), doc.getDocumentElement());

    // Create the XMLSignature, but don't sign it yet.
    writeOutput("Creating the XMLsignature but don't sign it...");
    signature = fac.newXMLSignature(si, ki);

    // Marshal, generate, and sign the enveloped signature.
    writeOutput("Marshal, generate and sign the enveloped signature...");
    signature.sign(dsc);

    // Output the resulting document.
    os = FileOutputStream.init(expandPath("signedPurchaseOrder.xml"));
    tf = TransformerFactory.newInstance();
    trans = tf.newTransformer();
    trans.transform(new DOMSource(doc), new StreamResult(os));
    writeOutput("Output to signedPurchaseOrder.xml ...");
    // Validate our created signedPurchaseOrder.xml with our provided public key.
    writeOutput("Validate our signedPurchaseOrder.xml ...");

    // new Validation().validate(cert.getPublicKey(), "signedPurchaseOrder.xml");
</cfscript>

有人能帮帮我吗?

谢谢,

PasswordProtectionjava.security.KeyStore 的内部 class。要在 Lucee 中实例化它,您需要使用 $,因此更改

<cfobject type="java" class="java.security.KeyStore.PasswordProtection" name="PasswordProtection"/>

<cfobject type="java" class="java.security.KeyStore$PasswordProtection" name="PasswordProtection"/>