Murugan,
Characterization requires that you know more than the total time taken
for specific operations - you need to know how much of your time is
spent waiting for I/O, CPU, locks, etc. so that you know where to
optimize. Knowing that signing takes a total of 890ms still does not
indicate where you can apply resources towards improving performance.
You need to break it down further and then determine what you want to
improve before deciding how to improve it.
Arshad Noor
StrongAuth, Inc.
Murugan Selvaraj wrote:
Yes I have you characterized the performance of the end-to-end
transaction
to determine where your bottle-necks are.The bottle-necks are signing
the URI of the XML document that takes 890 milliseconds (We are not
even signing whole XML document)using enveloped sign.I just developed
one sample XML file .It is taking 890 milliseconds to sign the URI.Can
you now tell me how to improve the performance.
I have attached the XML document and the code below.
XML:
<?xml version="1.0" encoding="UTF-8" ?>
<DigitalWorkFlowPacket Id="new"
xmlns:tools="http://www.digitalBrIdge.net/DWF/Tools/1.0";
xmlns:dwf="http://www.digitalBrIdge.net/DWF/1.0";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:j="http://www.it.ojp.gov/jxdm/3.0.2";
xmlns:mc="http://home.icjis.maricopa.gov/icjisschemas/MC/1.0";>
<Signatures>
<Signature linkName="main">
<Reference type="uri">
main
</Reference>
</Signature>
</Signatures>
<div id="main">
1
</div>
</DigitalWorkFlowPacket>
CODE :
KeyStore ks = KeyStore.getInstance(KEYSTORETYPE);
FileInputStream fis = new
FileInputStream(KEYSTORE);
ks.load(fis, KEYSTOREPASS.toCharArray());
PrivateKey privateKey =
(PrivateKey)ks.getKey(KEYALIAS,KEYSTOREPASS.toCharArray());
XMLSignature xmlSig = new XMLSignature(doc,"",
XMLSignature.ALGO_ID_SIGNATURE_DSA);
org.w3c.dom.Element sigElement =
xmlSig.getElement();
signAttachElement.appendChild(sigElement);
Transforms transforms = new Transforms(doc);
transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
transforms.addTransform(Transforms.TRANSFORM_C14N_WITH_COMMENTS);
xmlSig.addDocument(strURISign,transforms,
Constants.ALGO_ID_DIGEST_SHA1);
X509Certificate cert =
(X509Certificate)ks.getCertificate(CERTIFICATEALIAS);
if (cert == null)
{
throw new Exception("X509 certificate not
found");
}
xmlSig.addKeyInfo(cert);
xmlSig.addKeyInfo(cert.getPublicKey());
//System.out.println("AFTER calling");
xmlSig.sign(privateKey);
-----Original Message-----
From: Arshad Noor [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 22, 2006 5:34 PM
To: [email protected]
Subject: Re: Improve performance of XML Signing
Have you characterized the performance of the end-to-end transaction
to determine where your bottle-necks are? Without that you're shooting
in the dark - i.e. you could spend a lot of time optimizing components
of the process and still not a dent in the overall signing time.
Arshad Noor
StrongAuth, Inc.
Murugan Selvaraj wrote:
Hi All,
We are trying to improve the performance of the XML signing done using
apache tool kit.Can any one help and guide me on improving the
performance of the signing
Help would be appreciated!!!
Thanks
Murugan
