# IXSIL algorithm properties # # This file contains the properties which IXSIL uses in context of key management. #---------------------------------------------------------------------------------------------------------- # # The following properties are associations between the fully qualified XMLname of a "KeyInfo" subelement, # as used in an XML signature to specify hints how the verifier can obtain the verification key, and that # implementation class of the interface iaik.ixsil.keyinfo.KeyProviderInterface, which will manage # subelements of that type. # # These properties are only of interest, if you are using the standard key manager shipped with IXISL # (which is class iaik.ixsil.keyInfo.KeyManagerImpl). # # For instance, if you would like to specify the key provider implementation for "KeyValue" subelements, # the property name is the fully qualified XML name for the "KeyValue" element, namely # "http://www.w3.org/2000/09/xmldsig#:KeyValue". The value of the property is the fully qualified class # name of the key provider implementation class, for instance the standard implementation which ships with # IXSIL: "iaik.ixsil.keyinfo.KeyProviderImplKeyValue". # # PLEASE NOTE (I): A fully qualified name for an XML element consists of an URI indicating the namespace the # element belongs to (e.g. "http://www.w3.org/2000/09/xmldsig#") and the local name of the # element (e.g. "KeyValue"). Both components are seperated by a colon. # # PLEASE NOTE (II): The colon character (":") must be escaped by a leading backslash, if it appears in the # property name. http\://www.w3.org/2000/09/xmldsig#\:KeyValue = iaik.ixsil.keyinfo.KeyProviderImplKeyValue http\://www.w3.org/2000/09/xmldsig#\:X509Data = iaik.ixsil.keyinfo.x509.KeyProviderImplX509Data http\://www.w3.org/2000/09/xmldsig#\:RetrievalMethod = iaik.ixsil.keyinfo.retrieval.KeyProviderImplRetrievalMethod #---------------------------------------------------------------------------------------------------------- # # The following properties specify the order in which the different types of "KeyInfo" subelements are used # by the key manager to deduce the verification key. # # These properties are only of interest, if you are using the standard key manager shipped with IXISL # (which is class iaik.ixsil.keyInfo.KeyManagerImpl). # # The properties are associations between a two digit number and the fully qualified XML name of a "KeyInfo" # subelement. The lower the number, the more important is the associated "KeyInfo" sublement. Consider an # example configuration: # # Subelement.01 = http://www.w3.org/2000/09/xmldsig#:KeyValue # Subelement.02 = http://www.w3.org/2000/09/xmldsig#:X509Data # # In this configuration, the key manager first tries to use "KeyValue" subelements to deduce the # verification key. Only if this does not succeed, the key manager uses "X509Data" subelements as a second # chance. Of course you can specify more than only two different subelement types. # # PLEASE NOTE: A fully qualified name for an XML element consists of an URI indicating the namespace the # element belongs to (e.g. "http://www.w3.org/2000/09/xmldsig#") and the local name of the # element (e.g. "KeyValue"). Both components are seperated by a colon. Subelement.01 = http://www.w3.org/2000/09/xmldsig#:KeyValue Subelement.02 = http://www.w3.org/2000/09/xmldsig#:X509Data Subelement.03 = http://www.w3.org/2000/09/xmldsig#:RetrievalMethod #---------------------------------------------------------------------------------------------------------- # # The following property is used by standard implementation of the "X509Data" key provider, which ships # with IXSIL, namely "KeyProviderImplX509Data". It specifies the implementation class for the interface # iaik.ixsil.keyinfo.x509.X509TrustManagerInterface, which is to be instantiated as the backbone trust # manager for this key provider. # Please specifiy the fully qualified java class name for the class to be instantiated. KeyProviderImplX509Data.X509TrustManagerDefaultImplementingClass = iaik.ixsil.keyinfo.x509.X509TrustManagerDummyImpl