aboutsummaryrefslogtreecommitdiff
path: root/id.server/data/test/ixsil/init/properties/keyManager.properties
diff options
context:
space:
mode:
Diffstat (limited to 'id.server/data/test/ixsil/init/properties/keyManager.properties')
-rw-r--r--id.server/data/test/ixsil/init/properties/keyManager.properties74
1 files changed, 74 insertions, 0 deletions
diff --git a/id.server/data/test/ixsil/init/properties/keyManager.properties b/id.server/data/test/ixsil/init/properties/keyManager.properties
new file mode 100644
index 000000000..24ece437a
--- /dev/null
+++ b/id.server/data/test/ixsil/init/properties/keyManager.properties
@@ -0,0 +1,74 @@
+# IXSIL algorithm properties
+#
+# This file contains the properties which IXSIL uses in context of key management.
+
+
+
+#----------------------------------------------------------------------------------------------------------
+#
+# The following properties are associations between the fully qualified XMLname of a "KeyInfo" subelement,
+# as used in an XML signature to specify hints how the verifier can obtain the verification key, and that
+# implementation class of the interface iaik.ixsil.keyinfo.KeyProviderInterface, which will manage
+# subelements of that type.
+#
+# These properties are only of interest, if you are using the standard key manager shipped with IXISL
+# (which is class iaik.ixsil.keyInfo.KeyManagerImpl).
+#
+# For instance, if you would like to specify the key provider implementation for "KeyValue" subelements,
+# the property name is the fully qualified XML name for the "KeyValue" element, namely
+# "http://www.w3.org/2000/09/xmldsig#:KeyValue". The value of the property is the fully qualified class
+# name of the key provider implementation class, for instance the standard implementation which ships with
+# IXSIL: "iaik.ixsil.keyinfo.KeyProviderImplKeyValue".
+#
+# PLEASE NOTE (I): A fully qualified name for an XML element consists of an URI indicating the namespace the
+# element belongs to (e.g. "http://www.w3.org/2000/09/xmldsig#") and the local name of the
+# element (e.g. "KeyValue"). Both components are seperated by a colon.
+#
+# PLEASE NOTE (II): The colon character (":") must be escaped by a leading backslash, if it appears in the
+# property name.
+
+http\://www.w3.org/2000/09/xmldsig#\:KeyValue = iaik.ixsil.keyinfo.KeyProviderImplKeyValue
+http\://www.w3.org/2000/09/xmldsig#\:X509Data = iaik.ixsil.keyinfo.x509.KeyProviderImplX509Data
+http\://www.w3.org/2000/09/xmldsig#\:RetrievalMethod = iaik.ixsil.keyinfo.retrieval.KeyProviderImplRetrievalMethod
+
+
+
+#----------------------------------------------------------------------------------------------------------
+#
+# The following properties specify the order in which the different types of "KeyInfo" subelements are used
+# by the key manager to deduce the verification key.
+#
+# These properties are only of interest, if you are using the standard key manager shipped with IXISL
+# (which is class iaik.ixsil.keyInfo.KeyManagerImpl).
+#
+# The properties are associations between a two digit number and the fully qualified XML name of a "KeyInfo"
+# subelement. The lower the number, the more important is the associated "KeyInfo" sublement. Consider an
+# example configuration:
+#
+# Subelement.01 = http://www.w3.org/2000/09/xmldsig#:KeyValue
+# Subelement.02 = http://www.w3.org/2000/09/xmldsig#:X509Data
+#
+# In this configuration, the key manager first tries to use "KeyValue" subelements to deduce the
+# verification key. Only if this does not succeed, the key manager uses "X509Data" subelements as a second
+# chance. Of course you can specify more than only two different subelement types.
+#
+# PLEASE NOTE: A fully qualified name for an XML element consists of an URI indicating the namespace the
+# element belongs to (e.g. "http://www.w3.org/2000/09/xmldsig#") and the local name of the
+# element (e.g. "KeyValue"). Both components are seperated by a colon.
+
+Subelement.01 = http://www.w3.org/2000/09/xmldsig#:KeyValue
+Subelement.02 = http://www.w3.org/2000/09/xmldsig#:X509Data
+Subelement.03 = http://www.w3.org/2000/09/xmldsig#:RetrievalMethod
+
+
+
+#----------------------------------------------------------------------------------------------------------
+#
+# The following property is used by standard implementation of the "X509Data" key provider, which ships
+# with IXSIL, namely "KeyProviderImplX509Data". It specifies the implementation class for the interface
+# iaik.ixsil.keyinfo.x509.X509TrustManagerInterface, which is to be instantiated as the backbone trust
+# manager for this key provider.
+# Please specifiy the fully qualified java class name for the class to be instantiated.
+
+KeyProviderImplX509Data.X509TrustManagerDefaultImplementingClass = iaik.ixsil.keyinfo.x509.X509TrustManagerDummyImpl
+