<?xml version="1.0"?> | |
<!-- | |
Licensed to the Apache Software Foundation (ASF) under one | |
or more contributor license agreements. See the NOTICE file | |
distributed with this work for additional information | |
regarding copyright ownership. The ASF licenses this file | |
to you under the Apache License, Version 2.0 (the | |
"License"); you may not use this file except in compliance | |
with the License. You may obtain a copy of the License at | |
http://www.apache.org/licenses/LICENSE-2.0 | |
Unless required by applicable law or agreed to in writing, | |
software distributed under the License is distributed on an | |
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | |
KIND, either express or implied. See the License for the | |
specific language governing permissions and limitations | |
under the License. | |
--> | |
<!-- This configuration file is used for configuration of the org.apache.xml.security.stax --> | |
<Configuration target="org.apache.xml.security" xmlns="http://www.xmlsecurity.org/NS/configuration"> | |
<Properties> | |
<Property NAME="securityTokenFactory" VAL="org.apache.xml.security.stax.impl.securityToken.SecurityTokenFactoryImpl"/> | |
<Property NAME="CACertKeyStorePassword" VAL="changeit"/> | |
<Property NAME="MaximumAllowedTransformsPerReference" VAL="5"/> | |
<Property NAME="MaximumAllowedReferencesPerManifest" VAL="30"/> | |
<Property NAME="DoNotThrowExceptionForManifests" VAL="false"/> | |
<Property NAME="AllowMD5Algorithm" VAL="false"/> | |
<Property NAME="AllowNotSameDocumentReferences" VAL="false"/> | |
<Property NAME="MaximumAllowedXMLStructureDepth" VAL="100"/> | |
<Property NAME="MaximumAllowedEncryptedDataEvents" VAL="200"/> | |
<Property NAME="DefaultLanguageCode" VAL="en"/> | |
<Property NAME="DefaultCountryCode" VAL="US"/> | |
</Properties> | |
<SecurityHeaderHandlers> | |
</SecurityHeaderHandlers> | |
<TransformAlgorithms> | |
<!-- c14n omitting comments --> | |
<TransformAlgorithm URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" | |
JAVACLASS="org.apache.xml.security.stax.impl.transformer.canonicalizer.Canonicalizer20010315_OmitCommentsTransformer" /> | |
<!-- c14n with comments --> | |
<TransformAlgorithm URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" | |
JAVACLASS="org.apache.xml.security.stax.impl.transformer.canonicalizer.Canonicalizer20010315_WithCommentsTransformer" /> | |
<!-- c14n 1.1 omitting comments --> | |
<TransformAlgorithm URI="http://www.w3.org/2006/12/xml-c14n11" | |
JAVACLASS="org.apache.xml.security.stax.impl.transformer.canonicalizer.Canonicalizer11_OmitCommentsTransformer" /> | |
<!-- c14n 1.1 with comments --> | |
<TransformAlgorithm URI="http://www.w3.org/2006/12/xml-c14n11#WithComments" | |
JAVACLASS="org.apache.xml.security.stax.impl.transformer.canonicalizer.Canonicalizer11_WithCommentsTransformer" /> | |
<!-- exclusive c14n omitting comments --> | |
<TransformAlgorithm URI="http://www.w3.org/2001/10/xml-exc-c14n#" | |
JAVACLASS="org.apache.xml.security.stax.impl.transformer.canonicalizer.Canonicalizer20010315_ExclOmitCommentsTransformer" /> | |
<!-- exclusive c14n with comments --> | |
<TransformAlgorithm URI="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" | |
JAVACLASS="org.apache.xml.security.stax.impl.transformer.canonicalizer.Canonicalizer20010315_ExclWithCommentsTransformer" /> | |
<!-- Base64 --> | |
<TransformAlgorithm URI="http://www.w3.org/2000/09/xmldsig#base64" | |
JAVACLASS="org.apache.xml.security.stax.impl.transformer.TransformBase64Decode" /> | |
<!-- enveloped signature --> | |
<TransformAlgorithm URI="http://www.w3.org/2000/09/xmldsig#enveloped-signature" | |
JAVACLASS="org.apache.xml.security.stax.impl.transformer.TransformEnvelopedSignature" /> | |
<!-- XPath transform --> | |
<!-- XSLT --> | |
<!-- XPath version 2 --> | |
<!-- XPath version 2b --> | |
</TransformAlgorithms> | |
<JCEAlgorithmMappings> | |
<!-- MessageDigest Algorithms --> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#md5" | |
Description="MD5 message digest from RFC 1321" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="NOT RECOMMENDED" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
JCEName="MD5"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#ripemd160" | |
Description="RIPEMD-160 message digest" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="OPTIONAL" | |
JCEName="RIPEMD160"/> | |
<Algorithm URI="http://www.w3.org/2000/09/xmldsig#sha1" | |
Description="SHA-1 message digest" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="REQUIRED" | |
JCEName="SHA-1"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#sha224" | |
Description="SHA-224 message digest" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="OPTIONAL" | |
JCEName="SHA-224"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#sha256" | |
Description="SHA-1 message digest with 256 bit" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="RECOMMENDED" | |
JCEName="SHA-256"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#sha384" | |
Description="SHA message digest with 384 bit" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
JCEName="SHA-384"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#sha512" | |
Description="SHA-1 message digest with 512 bit" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="OPTIONAL" | |
JCEName="SHA-512"/> | |
<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#whirlpool" | |
Description="WHIRLPOOL message digest" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="OPTIONAL" | |
JCEName="WHIRLPOOL"/> | |
<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha3-224" | |
Description="SHA-3 message digest with 224 bit" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="OPTIONAL" | |
JCEName="SHA3-224"/> | |
<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha3-256" | |
Description="SHA-3 message digest with 256 bit" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="OPTIONAL" | |
JCEName="SHA3-256"/> | |
<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha3-384" | |
Description="SHA-3 message digest with 384 bit" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="OPTIONAL" | |
JCEName="SHA3-384"/> | |
<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha3-512" | |
Description="SHA-3 message digest with 512 bit" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="OPTIONAL" | |
JCEName="SHA3-512"/> | |
<Algorithm URI="http://www.w3.org/2009/xmlenc11#mgf1sha1" | |
Description="Mask Generation Function with SHA-1 used with the RSA-OAEP key transport algorithm" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="OPTIONAL" | |
JCEName="SHA-1"/> | |
<Algorithm URI="http://www.w3.org/2009/xmlenc11#mgf1sha224" | |
Description="Mask Generation Function with SHA-224 used with the RSA-OAEP key transport algorithm" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="OPTIONAL" | |
JCEName="SHA-224"/> | |
<Algorithm URI="http://www.w3.org/2009/xmlenc11#mgf1sha256" | |
Description="Mask Generation Function with SHA-256 used with the RSA-OAEP key transport algorithm" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="OPTIONAL" | |
JCEName="SHA-256"/> | |
<Algorithm URI="http://www.w3.org/2009/xmlenc11#mgf1sha384" | |
Description="Mask Generation Function with SHA-384 used with the RSA-OAEP key transport algorithm" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="OPTIONAL" | |
JCEName="SHA-384"/> | |
<Algorithm URI="http://www.w3.org/2009/xmlenc11#mgf1sha512" | |
Description="Mask Generation Function with SHA-512 used with the RSA-OAEP key transport algorithm" | |
AlgorithmClass="MessageDigest" | |
RequirementLevel="OPTIONAL" | |
JCEName="SHA-512"/> | |
<!-- Signature Algorithms --> | |
<Algorithm URI="http://www.w3.org/2000/09/xmldsig#dsa-sha1" | |
Description="Digital Signature Algorithm with SHA-1 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="REQUIRED" | |
RequiredKey="DSA" | |
JCEName="SHA1withDSA"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-md5" | |
Description="RSA Signature with MD5 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="NOT RECOMMENDED" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
RequiredKey="RSA" | |
JCEName="MD5withRSA"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160" | |
Description="RSA Signature with RIPEMD-160 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
RequiredKey="RSA" | |
JCEName="RIPEMD160withRSA"/> | |
<Algorithm URI="http://www.w3.org/2000/09/xmldsig#rsa-sha1" | |
Description="RSA Signature with SHA-1 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="RECOMMENDED" | |
RequiredKey="RSA" | |
JCEName="SHA1withRSA"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha224" | |
Description="RSA Signature with SHA-224 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
RequiredKey="RSA" | |
JCEName="SHA224withRSA"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" | |
Description="RSA Signature with SHA-256 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
RequiredKey="RSA" | |
JCEName="SHA256withRSA"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" | |
Description="RSA Signature with SHA-384 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
RequiredKey="RSA" | |
JCEName="SHA384withRSA"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" | |
Description="RSA Signature with SHA-512 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
RequiredKey="RSA" | |
JCEName="SHA512withRSA"/> | |
<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha1-rsa-MGF1" | |
Description="RSASSA-PSS Signature with SHA-1 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="RECOMMENDED" | |
RequiredKey="RSA" | |
JCEName="SHA1withRSAandMGF1"/> | |
<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha224-rsa-MGF1" | |
Description="RSASSA-PSS Signature with SHA-224 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc6931.txt" | |
RequiredKey="RSA" | |
JCEName="SHA224withRSAandMGF1"/> | |
<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1" | |
Description="RSASSA-PSS Signature with SHA-256 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc6931.txt" | |
RequiredKey="RSA" | |
JCEName="SHA256withRSAandMGF1"/> | |
<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha384-rsa-MGF1" | |
Description="RSASSA-PSS Signature with SHA-384 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc6931.txt" | |
RequiredKey="RSA" | |
JCEName="SHA384withRSAandMGF1"/> | |
<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha512-rsa-MGF1" | |
Description="RSASSA-PSS Signature with SHA-512 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc6931.txt" | |
RequiredKey="RSA" | |
JCEName="SHA512withRSAandMGF1"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1" | |
Description="ECDSA Signature with SHA-1 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
RequiredKey="EC" | |
JCEName="SHA1withECDSA"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224" | |
Description="ECDSA Signature with SHA-224 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
RequiredKey="EC" | |
JCEName="SHA224withECDSA"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256" | |
Description="ECDSA Signature with SHA-256 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
RequiredKey="EC" | |
JCEName="SHA256withECDSA"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384" | |
Description="ECDSA Signature with SHA-384 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
RequiredKey="EC" | |
JCEName="SHA384withECDSA"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512" | |
Description="ECDSA Signature with SHA-512 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
RequiredKey="EC" | |
JCEName="SHA512withECDSA"/> | |
<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#ecdsa-ripemd160" | |
Description="ECDSA Signature with RIPEMD-160 message digest" | |
AlgorithmClass="Signature" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="https://tools.ietf.org/html/rfc6931" | |
RequiredKey="EC" | |
JCEName="RIPEMD160withECDSA"/> | |
<!-- MAC Algorithms --> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-md5" | |
Description="Message Authentication code using MD5" | |
AlgorithmClass="Mac" | |
RequirementLevel="NOT RECOMMENDED" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
KeyLength="0" | |
RequiredKey="" | |
JCEName="HmacMD5"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160" | |
Description="Message Authentication code using RIPEMD-160" | |
AlgorithmClass="Mac" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
KeyLength="0" | |
RequiredKey="" | |
JCEName="HMACRIPEMD160"/> | |
<Algorithm URI="http://www.w3.org/2000/09/xmldsig#hmac-sha1" | |
Description="Message Authentication code using SHA1" | |
AlgorithmClass="Mac" | |
RequirementLevel="REQUIRED" | |
KeyLength="0" | |
RequiredKey="" | |
JCEName="HmacSHA1"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha224" | |
Description="Message Authentication code using SHA-224" | |
AlgorithmClass="Mac" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
KeyLength="0" | |
RequiredKey="" | |
JCEName="HmacSHA224"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256" | |
Description="Message Authentication code using SHA-256" | |
AlgorithmClass="Mac" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
KeyLength="0" | |
RequiredKey="" | |
JCEName="HmacSHA256"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha384" | |
Description="Message Authentication code using SHA-384" | |
AlgorithmClass="Mac" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
KeyLength="0" | |
RequiredKey="" | |
JCEName="HmacSHA384"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha512" | |
Description="Message Authentication code using SHA-512" | |
AlgorithmClass="Mac" | |
RequirementLevel="OPTIONAL" | |
SpecificationURL="http://www.ietf.org/rfc/rfc4051.txt" | |
KeyLength="0" | |
RequiredKey="" | |
JCEName="HmacSHA512"/> | |
<!-- Block encryption Algorithms --> | |
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" | |
Description="Block encryption using Triple-DES" | |
AlgorithmClass="BlockEncryption" | |
RequirementLevel="REQUIRED" | |
KeyLength="192" | |
IVLength="64" | |
RequiredKey="DESede" | |
JCEName="DESede/CBC/ISO10126Padding"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes128-cbc" | |
Description="Block encryption using AES with a key length of 128 bit" | |
AlgorithmClass="BlockEncryption" | |
RequirementLevel="REQUIRED" | |
KeyLength="128" | |
IVLength="128" | |
RequiredKey="AES" | |
JCEName="AES/CBC/ISO10126Padding"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes192-cbc" | |
Description="Block encryption using AES with a key length of 192 bit" | |
AlgorithmClass="BlockEncryption" | |
RequirementLevel="OPTIONAL" | |
KeyLength="192" | |
IVLength="128" | |
RequiredKey="AES" | |
JCEName="AES/CBC/ISO10126Padding"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes256-cbc" | |
Description="Block encryption using AES with a key length of 256 bit" | |
AlgorithmClass="BlockEncryption" | |
RequirementLevel="REQUIRED" | |
KeyLength="256" | |
IVLength="128" | |
RequiredKey="AES" | |
JCEName="AES/CBC/ISO10126Padding"/> | |
<Algorithm URI="http://www.w3.org/2009/xmlenc11#aes128-gcm" | |
Description="Block encryption using AES with a key length of 128 bit in GCM" | |
AlgorithmClass="BlockEncryption" | |
RequirementLevel="OPTIONAL" | |
KeyLength="128" | |
IVLength="96" | |
RequiredKey="AES" | |
JCEName="AES/GCM/NoPadding"/> | |
<Algorithm URI="http://www.w3.org/2009/xmlenc11#aes192-gcm" | |
Description="Block encryption using AES with a key length of 192 bit in GCM" | |
AlgorithmClass="BlockEncryption" | |
RequirementLevel="OPTIONAL" | |
KeyLength="192" | |
IVLength="96" | |
RequiredKey="AES" | |
JCEName="AES/GCM/NoPadding"/> | |
<Algorithm URI="http://www.w3.org/2009/xmlenc11#aes256-gcm" | |
Description="Block encryption using AES with a key length of 256 bit in GCM" | |
AlgorithmClass="BlockEncryption" | |
RequirementLevel="OPTIONAL" | |
KeyLength="256" | |
IVLength="96" | |
RequiredKey="AES" | |
JCEName="AES/GCM/NoPadding"/> | |
<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#seed128-cbc" | |
Description="Block encryption using SEED with a key length of 128 bit" | |
AlgorithmClass="BlockEncryption" | |
RequirementLevel="OPTIONAL" | |
KeyLength="128" | |
IVLength="128" | |
RequiredKey="SEED" | |
JCEName="SEED/CBC/ISO10126Padding"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#camellia128-cbc" | |
Description="Block encryption using Camellia with a key length of 128 bit" | |
AlgorithmClass="BlockEncryption" | |
RequirementLevel="OPTIONAL" | |
KeyLength="128" | |
IVLength="128" | |
RequiredKey="Camellia" | |
JCEName="Camellia/CBC/ISO10126Padding"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#camellia192-cbc" | |
Description="Block encryption using Camellia with a key length of 192 bit" | |
AlgorithmClass="BlockEncryption" | |
RequirementLevel="OPTIONAL" | |
KeyLength="192" | |
IVLength="128" | |
RequiredKey="Camellia" | |
JCEName="Camellia/CBC/ISO10126Padding"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#camellia256-cbc" | |
Description="Block encryption using Camellia with a key length of 256 bit" | |
AlgorithmClass="BlockEncryption" | |
RequirementLevel="OPTIONAL" | |
KeyLength="256" | |
IVLength="128" | |
RequiredKey="Camellia" | |
JCEName="Camellia/CBC/ISO10126Padding"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#rsa-1_5" | |
Description="Key Transport RSA-v1.5" | |
AlgorithmClass="KeyTransport" | |
RequirementLevel="REQUIRED" | |
RequiredKey="RSA" | |
JCEName="RSA/ECB/PKCS1Padding"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" | |
Description="Key Transport RSA-OAEP" | |
AlgorithmClass="KeyTransport" | |
RequirementLevel="REQUIRED" | |
RequiredKey="RSA" | |
JCEName="RSA/ECB/OAEPWithSHA1AndMGF1Padding"/> | |
<Algorithm URI="http://www.w3.org/2009/xmlenc11#rsa-oaep" | |
Description="Key Transport RSA-OAEP" | |
AlgorithmClass="KeyTransport" | |
RequirementLevel="OPTIONAL" | |
RequiredKey="RSA" | |
JCEName="RSA/ECB/OAEPPadding"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#dh" | |
Description="Key Agreement Diffie-Hellman" | |
AlgorithmClass="KeyAgreement" | |
RequirementLevel="OPTIONAL" | |
RequiredKey="DH" | |
JCEName="DH"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-tripledes" | |
Description="Symmetric Key Wrap using Triple DES" | |
AlgorithmClass="SymmetricKeyWrap" | |
RequirementLevel="REQUIRED" | |
KeyLength="192" | |
RequiredKey="DESede" | |
JCEName="DESedeWrap"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes128" | |
Description="Symmetric Key Wrap using AES with a key length of 128 bit" | |
AlgorithmClass="SymmetricKeyWrap" | |
RequirementLevel="REQUIRED" | |
KeyLength="128" | |
RequiredKey="AES" | |
JCEName="AESWrap"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes192" | |
Description="Symmetric Key Wrap using AES with a key length of 192 bit" | |
AlgorithmClass="SymmetricKeyWrap" | |
RequirementLevel="OPTIONAL" | |
KeyLength="192" | |
RequiredKey="AES" | |
JCEName="AESWrap"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes256" | |
Description="Symmetric Key Wrap using AES with a key length of 256 bit" | |
AlgorithmClass="SymmetricKeyWrap" | |
RequirementLevel="REQUIRED" | |
KeyLength="256" | |
RequiredKey="AES" | |
JCEName="AESWrap"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#kw-camellia128" | |
Description="Symmetric Key Wrap using CAMELLIA with a key length of 128 bit" | |
AlgorithmClass="SymmetricKeyWrap" | |
RequirementLevel="OPTIONAL" | |
KeyLength="128" | |
RequiredKey="Camellia" | |
JCEName="CamelliaWrap"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#kw-camellia192" | |
Description="Symmetric Key Wrap using CAMELLIA with a key length of 192 bit" | |
AlgorithmClass="SymmetricKeyWrap" | |
RequirementLevel="OPTIONAL" | |
KeyLength="192" | |
RequiredKey="Camellia" | |
JCEName="CamelliaWrap"/> | |
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#kw-camellia256" | |
Description="Symmetric Key Wrap using CAMELLIA with a key length of 256 bit" | |
AlgorithmClass="SymmetricKeyWrap" | |
RequirementLevel="OPTIONAL" | |
KeyLength="256" | |
RequiredKey="Camellia" | |
JCEName="CamelliaWrap"/> | |
<Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#kw-seed128" | |
Description="Symmetric Key Wrap using SEED with a key length of 128 bit" | |
AlgorithmClass="SymmetricKeyWrap" | |
RequirementLevel="OPTIONAL" | |
KeyLength="128" | |
RequiredKey="SEED" | |
JCEName="SEEDWrap"/> | |
</JCEAlgorithmMappings> | |
<ResourceResolvers> | |
<Resolver JAVACLASS="org.apache.xml.security.stax.impl.resourceResolvers.ResolverSameDocument" | |
DESCRIPTION="A simple resolver for requests of same-document URIs"/> | |
<Resolver JAVACLASS="org.apache.xml.security.stax.impl.resourceResolvers.ResolverFilesystem" | |
DESCRIPTION="A simple resolver for requests to the local file system"/> | |
<Resolver JAVACLASS="org.apache.xml.security.stax.impl.resourceResolvers.ResolverHttp" | |
DESCRIPTION="A simple resolver for requests to HTTP space"/> | |
<Resolver JAVACLASS="org.apache.xml.security.stax.impl.resourceResolvers.ResolverXPointer" | |
DESCRIPTION="A simple resolver for requests of XPointer fragments"/> | |
</ResourceResolvers> | |
</Configuration> |