/** * @param xmlSigFactory * @return return the signature method based on the public key size * @throws NoSuchAlgorithmException * @throws InvalidAlgorithmParameterException */ private SignatureMethod getSignatureMethod(XMLSignatureFactory xmlSigFactory) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { SignatureMethod signatureMethod; PublicKey publicKey = holderOfKeyConfig.getCertificate().getPublicKey(); if (publicKey instanceof RSAPublicKey && ((RSAPublicKey) publicKey).getModulus().bitCount() <= 512) { signatureMethod = xmlSigFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null); } else { signatureMethod = xmlSigFactory.newSignatureMethod(RSA_WITH_SHA512, null); } return signatureMethod; }