Google Git
Sign in
apache / santuario-xml-security-java / refs/heads/xml-security2 / . / src / org / apache / xml / security / resource / config.xml
blob: 4afd2713a17b8f5ab4d1276778dc31dc4b2f79bd [file] [log] [blame]
<?xml version="1.0"?>
<!--
<!DOCTYPE Configuration SYSTEM "config.dtd">
-->
<!-- This configuration file is used for configuration of the org.apache.xml.security package -->
<Configuration target="org.apache.xml.security" xmlns="http://www.xmlsecurity.org/NS/#configuration">
<CanonicalizationMethods>
<CanonicalizationMethod URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
JAVACLASS="org.apache.xml.security.c14n.implementations.Canonicalizer20010315OmitComments" />
<CanonicalizationMethod URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"
JAVACLASS="org.apache.xml.security.c14n.implementations.Canonicalizer20010315WithComments" />
<CanonicalizationMethod URI="http://www.w3.org/2001/10/xml-exc-c14n#"
JAVACLASS="org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclOmitComments"/>
<CanonicalizationMethod URI="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"
JAVACLASS="org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclWithComments"/>
</CanonicalizationMethods>
<TransformAlgorithms>
<!-- Base64 -->
<TransformAlgorithm URI="http://www.w3.org/2000/09/xmldsig#base64"
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformBase64Decode" />
<!-- c14n omitting comments -->
<TransformAlgorithm URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformC14N" />
<!-- c14n with comments -->
<TransformAlgorithm URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformC14NWithComments" />
<!-- exclusive c14n omitting comments -->
<TransformAlgorithm URI="http://www.w3.org/2001/10/xml-exc-c14n#"
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformC14NExclusive" />
<!-- exclusive c14n with comments -->
<TransformAlgorithm URI="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformC14NExclusiveWithComments" />
<!-- XPath transform -->
<TransformAlgorithm URI="http://www.w3.org/TR/1999/REC-xpath-19991116"
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformXPath" />
<!-- enveloped signature -->
<TransformAlgorithm URI="http://www.w3.org/2000/09/xmldsig#enveloped-signature"
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature" />
<!-- XSLT -->
<TransformAlgorithm URI="http://www.w3.org/TR/1999/REC-xslt-19991116"
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformXSLT" />
<!-- XPath version 2 -->
<TransformAlgorithm URI="http://www.w3.org/2002/04/xmldsig-filter2"
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformXPath2Filter04" />
<!-- XPath version 2b -->
<TransformAlgorithm URI="http://www.w3.org/2002/06/xmldsig-filter2"
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformXPath2Filter" />
<!-- Christian Geuer-Pollmanns approach for XPath 2; experimantal -->
<TransformAlgorithm URI="http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter"
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformXPathFilterCHGP" />
</TransformAlgorithms>
<SignatureAlgorithms>
<SignatureAlgorithm URI="http://www.w3.org/2000/09/xmldsig#dsa-sha1"
JAVACLASS="org.apache.xml.security.algorithms.implementations.SignatureDSA" />
<SignatureAlgorithm URI="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
JAVACLASS="org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1" />
<SignatureAlgorithm URI="http://www.w3.org/2000/09/xmldsig#hmac-sha1"
JAVACLASS="org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA1" />
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-md5"
JAVACLASS="org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSAMD5" />
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160"
JAVACLASS="org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSARIPEMD160" />
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
JAVACLASS="org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA256" />
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"
JAVACLASS="org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA384" />
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"
JAVACLASS="org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA512" />
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-md5"
JAVACLASS="org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacMD5" />
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160"
JAVACLASS="org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacRIPEMD160" />
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"
JAVACLASS="org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA256" />
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha384"
JAVACLASS="org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA384" />
<SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha512"
JAVACLASS="org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA512" />
</SignatureAlgorithms>
<JCEAlgorithmMappings>
<!-- Here, individual providers can be registered; each provider
is identified by Id which is referenced by ProviderId of the
Provider Element in the Algorithm Element -->
<Providers>
<Provider Id="BC"
Class="org.bouncycastle.jce.provider.BouncyCastleProvider"
Info="BouncyCastle Security Provider v1.09"
ProviderURL="http://www.bouncycastle.org/" />
<Provider Id="SUN"
Class="sun.security.provider.Sun"
Info="SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore)"
ProviderURL="http://java.sun.com/" />
<Provider Id="SunRsaSign"
Class="com.sun.rsajca.Provider"
Info="SUN's provider for RSA signatures"
ProviderURL="http://java.sun.com/" />
<Provider Id="SunJCE"
Class="com.sun.crypto.provider.SunJCE"
Info="SunJCE Provider (implements DES, Triple DES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)"
ProviderURL="http://java.sun.com/" />
<Provider Id="IAIK"
Class="iaik.security.provider.IAIK"
Info="IAIK Security Provider v2.6"
ProviderURL="http://www.iaik.at/" />
<Provider Id="Cryptix"
Class="cryptix.provider.Cryptix"
Info="Cryptix JCE provider v3.001002"
ProviderURL="http://www.cryptix.org//" />
</Providers>
<Algorithms>
<!-- MessageDigest Algorithms -->
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#md5"
Description="MD5 message digest from RFC 1321"
AlgorithmClass="MessageDigest"
RequirementLevel="NOT RECOMMENDED"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt">
<ProviderAlgo ProviderId="BC"
JCEName="MD5" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#ripemd160"
Description="RIPEMD-160 message digest"
AlgorithmClass="MessageDigest"
RequirementLevel="OPTIONAL">
<ProviderAlgo ProviderId="BC"
JCEName="RIPEMD160" />
<ProviderAlgo ProviderId="Cryptix"
JCEName="RIPEMD160" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2000/09/xmldsig#sha1"
Description="SHA-1 message digest"
AlgorithmClass="MessageDigest"
RequirementLevel="REQUIRED">
<ProviderAlgo ProviderId="BC"
JCEName="SHA-1" />
<ProviderAlgo ProviderId="SUN"
JCEName="SHA-1" />
<ProviderAlgo ProviderId="IAIK"
JCEName="SHA-1" />
<ProviderAlgo ProviderId="Cryptix"
JCEName="SHA-1" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#sha256"
Description="SHA-1 message digest with 256 bit"
AlgorithmClass="MessageDigest"
RequirementLevel="RECOMMENDED">
<ProviderAlgo ProviderId="BC"
JCEName="SHA-256" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#sha384"
Description="SHA message digest with 384 bit"
AlgorithmClass="MessageDigest"
RequirementLevel="OPTIONAL"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt">
<ProviderAlgo ProviderId="BC"
JCEName="SHA-384" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#sha512"
Description="SHA-1 message digest with 512 bit"
AlgorithmClass="MessageDigest"
RequirementLevel="OPTIONAL">
<ProviderAlgo ProviderId="BC"
JCEName="SHA-512" />
</Algorithm>
<!-- Signature Algorithms -->
<Algorithm URI="http://www.w3.org/2000/09/xmldsig#dsa-sha1"
Description="Digital Signature Algorithm with SHA-1 message digest"
AlgorithmClass="Signature"
RequirementLevel="REQUIRED">
<ProviderAlgo ProviderId="BC"
JCEName="DSA" />
<ProviderAlgo ProviderId="SUN"
JCEName="DSAWithSHA1" />
<ProviderAlgo ProviderId="IAIK"
JCEName="DSA" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-md5"
Description="RSA Signature with MD5 message digest"
AlgorithmClass="Signature"
RequirementLevel="NOT RECOMMENDED"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt">
<ProviderAlgo ProviderId="BC"
JCEName="MD5WithRSAEncryption" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160"
Description="RSA Signature with RIPEMD-160 message digest"
AlgorithmClass="Signature"
RequirementLevel="OPTIONAL"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt">
<ProviderAlgo ProviderId="BC"
JCEName="RIPEMD160WithRSAEncryption" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
Description="RSA Signature with SHA-1 message digest"
AlgorithmClass="Signature"
RequirementLevel="RECOMMENDED">
<ProviderAlgo ProviderId="BC"
JCEName="SHA1WithRSAEncryption" />
<ProviderAlgo ProviderId="SunRsaSign"
JCEName="SHA1withRSA" />
<ProviderAlgo ProviderId="IAIK"
JCEName="SHA-1/RSA" />
<ProviderAlgo ProviderId="Cryptix"
JCEName="SHA-1/RSA" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
Description="RSA Signature with SHA-256 message digest"
AlgorithmClass="Signature"
RequirementLevel="OPTIONAL"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt">
<ProviderAlgo ProviderId="BC"
JCEName="SHA256withRSAEncryption" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"
Description="RSA Signature with SHA-384 message digest"
AlgorithmClass="Signature"
RequirementLevel="OPTIONAL"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt">
<ProviderAlgo ProviderId="BC"
JCEName="SHA384withRSAEncryption" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"
Description="RSA Signature with SHA-512 message digest"
AlgorithmClass="Signature"
RequirementLevel="OPTIONAL"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt">
<ProviderAlgo ProviderId="BC"
JCEName="SHA512withRSAEncryption" />
</Algorithm>
<!-- MAC Algorithms -->
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-md5"
Description="Message Authentication code using MD5"
AlgorithmClass="Mac"
RequirementLevel="NOT RECOMMENDED"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt">
<ProviderAlgo ProviderId="BC"
JCEName="HMACMD5" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160"
Description="Message Authentication code using RIPEMD-160"
AlgorithmClass="Mac"
RequirementLevel="OPTIONAL"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt">
<ProviderAlgo ProviderId="BC"
JCEName="HMACRIPEMD160" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2000/09/xmldsig#hmac-sha1"
Description="Message Authentication code using SHA1"
AlgorithmClass="Mac"
RequirementLevel="REQUIRED">
<ProviderAlgo ProviderId="BC"
JCEName="HMACSHA1" />
<ProviderAlgo ProviderId="SunJCE"
JCEName="HmacSHA1" />
<ProviderAlgo ProviderId="IAIK"
JCEName="HMAC/SHA" />
<ProviderAlgo ProviderId="Cryptix"
JCEName="HMAC-SHA-1" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"
Description="Message Authentication code using SHA-256"
AlgorithmClass="Mac"
RequirementLevel="OPTIONAL"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt">
<ProviderAlgo ProviderId="BC"
JCEName="HMACSHA256" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha384"
Description="Message Authentication code using SHA-384"
AlgorithmClass="Mac"
RequirementLevel="OPTIONAL"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt">
<ProviderAlgo ProviderId="BC"
JCEName="HMACSHA384" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha512"
Description="Message Authentication code using SHA-512"
AlgorithmClass="Mac"
RequirementLevel="OPTIONAL"
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt">
<ProviderAlgo ProviderId="BC"
JCEName="HMACSHA512" />
</Algorithm>
<!-- Block encryption Algorithms -->
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
Description="Block encryption using Triple-DES"
AlgorithmClass="BlockEncryption"
RequirementLevel="REQUIRED"
KeyLength="192">
<ProviderAlgo ProviderId="BC"
RequiredKey="DESEDE"
JCEName="DESEDE/CBC/ISO10126PADDING"
IVJCEName="DESEDE/ECB/NOPADDING" />
<ProviderAlgo ProviderId="Cryptix"
JCEName="DES-EDE3/CBC" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
Description="Block encryption using AES with a key length of 128 bit"
AlgorithmClass="BlockEncryption"
RequirementLevel="REQUIRED"
KeyLength="128">
<ProviderAlgo ProviderId="BC"
RequiredKey="AES"
JCEName="AES/CBC/ISO10126PADDING"
IVJCEName="AES/ECB/NOPADDING" />
<ProviderAlgo ProviderId="Cryptix"
JCEName="Rijndael" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes192-cbc"
Description="Block encryption using AES with a key length of 192 bit"
AlgorithmClass="BlockEncryption"
RequirementLevel="OPTIONAL"
KeyLength="192">
<ProviderAlgo ProviderId="BC"
RequiredKey="AES"
JCEName="AES/CBC/ISO10126PADDING"
IVJCEName="AES/ECB/NOPADDING" />
<ProviderAlgo ProviderId="Cryptix"
JCEName="Rijndael" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes256-cbc"
Description="Block encryption using AES with a key length of 256 bit"
AlgorithmClass="BlockEncryption"
RequirementLevel="REQUIRED"
KeyLength="256">
<ProviderAlgo ProviderId="BC"
RequiredKey="AES"
JCEName="AES/CBC/ISO10126PADDING"
IVJCEName="AES/ECB/NOPADDING" />
<ProviderAlgo ProviderId="Cryptix"
JCEName="Rijndael" />
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#rsa-1_5"
Description="Key Transport RSA-v1.5"
AlgorithmClass="KeyTransport"
RequirementLevel="REQUIRED">
<!-- You have to provide a core RSA mechanism here, even for
the bouncy castle -->
<ProviderAlgo ProviderId="BC"
JCEName="RSA"
RequiredKey="RSA" />
<ProviderAlgo ProviderId="Cryptix"
JCEName="RSA"
RequiredKey="RSA" />
<!-- <ProviderAlgo ProviderId="BC"
JCEName="RSA/PKCS1"
RequiredKey="RSA" />
<ProviderAlgo ProviderId="Cryptix"
JCEName="RSA/ECB/PKCS#1" /> -->
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
Description="Key Transport RSA-OAEP"
AlgorithmClass="KeyTransport"
RequirementLevel="REQUIRED">
<!-- You have to provide a core RSA mechanism here, even for
the bouncy castle -->
<ProviderAlgo ProviderId="BC"
JCEName="RSA"
RequiredKey="RSA" />
<!-- <ProviderAlgo ProviderId="BC" JCEName="RSA/OAEP" RequiredKey="RSA" /> -->
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#dh"
Description="Key Agreement Diffie-Hellman"
AlgorithmClass="KeyAgreement"
RequirementLevel="OPTIONAL">
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-tripledes"
Description="Symmetric Key Wrap using Triple DES"
AlgorithmClass="SymmetricKeyWrap"
RequirementLevel="REQUIRED"
KeyLength="192">
<!-- We need a Triple DES in CipherBlockChaining (CBC) mode here without padding -->
<ProviderAlgo ProviderId="BC"
RequiredKey="DESEDE"
JCEName="DESEDE/CBC/NOPADDING" />
<!-- <ProviderAlgo ProviderId="BC" JCEName="DESEDEWrap" RequiredKey="DESEDE" /> -->
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes128"
Description="Symmetric Key Wrap using AES with a key length of 128 bit"
AlgorithmClass="SymmetricKeyWrap"
RequirementLevel="REQUIRED"
KeyLength="128">
<!-- We need an AES in ElectronicCodeBook (ECB) mode here without padding -->
<ProviderAlgo ProviderId="BC"
JCEName="AES/ECB/NOPADDING"
RequiredKey="AES" />
<!-- <ProviderAlgo ProviderId="BC" JCEName="AESWrap" RequiredKey="AES" /> -->
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes192"
Description="Symmetric Key Wrap using AES with a key length of 192 bit"
AlgorithmClass="SymmetricKeyWrap"
RequirementLevel="OPTIONAL"
KeyLength="192">
<!-- We need an AES in ElectronicCodeBook (ECB) mode here without padding -->
<ProviderAlgo ProviderId="BC"
JCEName="AES/ECB/NOPADDING"
RequiredKey="AES" />
<!-- <ProviderAlgo ProviderId="BC" JCEName="AESWrap" RequiredKey="AES" /> -->
</Algorithm>
<Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes256"
Description="Symmetric Key Wrap using AES with a key length of 256 bit"
AlgorithmClass="SymmetricKeyWrap"
RequirementLevel="REQUIRED"
KeyLength="256">
<!-- We need an AES in ElectronicCodeBook (ECB) mode here without padding -->
<ProviderAlgo ProviderId="BC"
JCEName="AES/ECB/NOPADDING"
RequiredKey="AES" />
<!-- <ProviderAlgo ProviderId="BC" JCEName="AESWrap" RequiredKey="AES" /> -->
</Algorithm>
</Algorithms>
</JCEAlgorithmMappings>
<ResourceBundles defaultLanguageCode="en" defaultCountryCode="US">
<ResourceBundle LanguageCode="en"
CountryCode="US"
LOCATION="org.apache.xml.security/resource/xmlsecurity_en.properties" />
<ResourceBundle LanguageCode="de"
CountryCode="DE"
LOCATION="org.apache.xml.security/resource/xmlsecurity_de.properties" />
</ResourceBundles>
<ResourceResolvers>
<Resolver JAVACLASS="org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP"
DESCRIPTION="A simple resolver for requests to HTTP space" />
<Resolver JAVACLASS="org.apache.xml.security.utils.resolver.implementations.ResolverLocalFilesystem"
DESCRIPTION="A simple resolver for requests to the local file system" />
<Resolver JAVACLASS="org.apache.xml.security.utils.resolver.implementations.ResolverFragment"
DESCRIPTION="A simple resolver for requests of same-document URIs" />
<Resolver JAVACLASS="org.apache.xml.security.utils.resolver.implementations.ResolverXPointer"
DESCRIPTION="A simple resolver for requests of XPointer fragents" />
</ResourceResolvers>
<!-- <defaultLocale languageCode="en" countryCode="US" /> -->
<KeyInfo>
<ContentHandler LOCALNAME="KeyName"
NAMESPACE="http://www.w3.org/2000/09/xmldsig#"
JAVACLASS="org.apache.xml.security.keys.content.KeyName" />
<ContentHandler LOCALNAME="KeyValue"
NAMESPACE="http://www.w3.org/2000/09/xmldsig#"
JAVACLASS="org.apache.xml.security.keys.content.KeyValue" />
<ContentHandler LOCALNAME="RetrievalMethod"
NAMESPACE="http://www.w3.org/2000/09/xmldsig#"
JAVACLASS="org.apache.xml.security.keys.content.RetrievalMethod" />
<ContentHandler LOCALNAME="X509Data"
NAMESPACE="http://www.w3.org/2000/09/xmldsig#"
JAVACLASS="org.apache.xml.security.keys.content.X509Data" />
<ContentHandler LOCALNAME="PGPData"
NAMESPACE="http://www.w3.org/2000/09/xmldsig#"
JAVACLASS="org.apache.xml.security.keys.content.PGPData" />
<ContentHandler LOCALNAME="SPKIData"
NAMESPACE="http://www.w3.org/2000/09/xmldsig#"
JAVACLASS="org.apache.xml.security.keys.content.SPKIData" />
<ContentHandler LOCALNAME="MgmtData"
NAMESPACE="http://www.w3.org/2000/09/xmldsig#"
JAVACLASS="org.apache.xml.security.keys.content.MgmtData" />
</KeyInfo>
<KeyResolver>
<!-- This section contains a list of KeyResolvers that are available in
every KeyInfo object -->
<Resolver JAVACLASS="org.apache.xml.security.keys.keyresolver.implementations.RSAKeyValueResolver"
DESCRIPTION="Can extract RSA public keys" />
<Resolver JAVACLASS="org.apache.xml.security.keys.keyresolver.implementations.DSAKeyValueResolver"
DESCRIPTION="Can extract DSA public keys" />
<Resolver JAVACLASS="org.apache.xml.security.keys.keyresolver.implementations.X509CertificateResolver"
DESCRIPTION="Can extract public keys from X509 certificates" />
<Resolver JAVACLASS="org.apache.xml.security.keys.keyresolver.implementations.X509SKIResolver"
DESCRIPTION="Uses an X509v3 SubjectKeyIdentifier extension to retrieve a certificate from the storages" />
<Resolver JAVACLASS="org.apache.xml.security.keys.keyresolver.implementations.RetrievalMethodResolver"
DESCRIPTION="Resolves keys and certificates using ResourceResolvers" />
<Resolver JAVACLASS="org.apache.xml.security.keys.keyresolver.implementations.X509SubjectNameResolver"
DESCRIPTION="Uses an X509 SubjectName to retrieve a certificate from the storages" />
<Resolver JAVACLASS="org.apache.xml.security.keys.keyresolver.implementations.X509IssuerSerialResolver"
DESCRIPTION="Uses an X509 IssuerName and IssuerSerial to retrieve a certificate from the storages" />
</KeyResolver>
<PrefixMappings>
<!-- Many classes create Elements which are in a specific namespace;
here, the prefixes for these namespaces are defined. But this
can also be overwritten using the ElementProxy#setDefaultPrefix()
method. You can even set all prefixes to "" so that the corresponding
elements are created using the default namespace -->
<PrefixMapping namespace="http://www.w3.org/2000/09/xmldsig#"
prefix="ds" />
<PrefixMapping namespace="http://www.w3.org/2001/04/xmlenc#"
prefix="xenc" />
<PrefixMapping namespace="http://www.xmlsecurity.org/experimental#"
prefix="experimental" />
<PrefixMapping namespace="http://www.w3.org/2002/04/xmldsig-filter2"
prefix="dsig-xpath-old" />
<PrefixMapping namespace="http://www.w3.org/2002/06/xmldsig-filter2"
prefix="dsig-xpath" />
<PrefixMapping namespace="http://www.w3.org/2001/10/xml-exc-c14n#"
prefix="ec" />
<PrefixMapping namespace="http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter"
prefix="xx" />
</PrefixMappings>
</Configuration>