The objective of this example is to sign an XML document using the TrustedX signature service. In order to understand this example, it is recommended that first you understand the previously seen example: CMS/PKCS#7 Signature Generation.

To try this example, you must download the file called sampleAxis3.zip and follow the instructions in Configuration of the Environment.

As in the case of the CMS/PKCS#7 signature example, we must use a SignRequest object to perform a signature request; however, in this case it will be an XML signature profile.

SignRequest sr = new SignRequest();
sr.setProfile(new URI(PROF_SIGN_XML));

In this example, the data to be signed have an XML format and can be found in the Demo.xml file. The data will be included in the request encoded in Base64. In the same way as in the previous example, an InputDocuments object is created. This object includes a Document object containing the data. In this case, the data are inserted using the setBase64XML() method.

InputDocuments idoc = new InputDocuments();
Document doc = new Document();
doc.setBase64XML(Util.readBinaryFile(path_in + filename));
idoc.setDocument(doc);sr.setInputDocuments(idoc);

For this request, it is stated that the data are to be returned encoded in Base64. This information must be included in an OptionalInputs object via the setReturnBase64XML() method. This object must also contain the data about the certificate to be used, as we saw in the previous example.

OptionalInputs opt = new OptionalInputs();
opt.setReturnBase64XML("");
sr.setOptionalInputs(opt);

As no other details were specified, the resulting signature will be detached. Later, in other signature requests, we will show the other two types of requests possible with an XML signature, i.e. the signature request type for adding the resulting signature inside the original document, known as enveloped signature, and the signature request type for adding the document inside the generated signature, known as enveloping signature.

Then, the request is sent by invoking the sign() operation and the response is collected in a SignResponse object.

SignResponse srs = bindingDs.sign(sr);

Once the request has been sent, we can check if it has been processed correctly by consulting the response parameters. The functions of the UtilTrustedX auxiliary class are used for this. If all goes well, the signature is retrieved from the response and is stored in a file. In the XML Signature Verification example, you will see how the validity of the generated signature must be checked. Given that it was indicated that the response should return a Base64 encoded signature and that it is a XADES profile request, we must use the getBase64XMLSignature() method to retrieve the signature.

if (UtilTrustedXAxis.check(srs.getResult(), bindingDs)) {
   byte[] data = srs.getSignatureObject().getBase64XMLSignature().get_value();								
   String destFilename = path_out + filename.substring(0, filename.lastIndexOf("."))
         + "SignedDetached.xml";
   Util.writeBinaryFile(destFilename, data);
}

After executing the example, we obtain a response, such as the one below, and a file with the signature.

File saved successfully on: data/output/DemoSignedDetached.xml

Go to discussion forum (1)