且构网


How to sign only a specific part of XML

Updated: 2023-01-15 17:49:03

After much fighting with XML Signatures I finally arrived at an acceptable solution (though not ideal).

As it turns out, an Exclusive canonicalization is not enough. You also need to add an Exclusive transform after all other transformers. Following the code snippets I wrote above:

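// `fac` (the XMLSignatureFactory) and `transform` come from the earlier snippets, which are not shown on this page.
List<Transform> transforms = new ArrayList<Transform>();
transforms.add(transform);
// Exclusive C14N must be the last transform in the chain.
transforms.add(fac.newTransform(CanonicalizationMethod.EXCLUSIVE, (TransformParameterSpec) null));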

This will make it so that any other namespaces outside of the signed elements will not be taken into account (though it has the added effect that inserting namespace(s) inside the signed element is allowed).

Also, it seems that any element in the xpath to the signed element will be taken into account, so if you have the following xpath /root/A/B, it will sign tag B; however, you will not be able to change the tag name of either the A or root elements.

This can be overcome by using an xpath with fewer elements in it, such as //B.

I believe it may be possible to overcome this issue too though so far I have not been able to.