You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@santuario.apache.org by Zhu Li Qiang <Zh...@bcsis.com> on 2003/01/27 10:16:21 UTC

algorithm name customization

> Is it possible to use other algorithm names which is not defined in the XMLSignature.java class? 
> 
> The reason is that I want to allow the caller class to choose between PKCS11 and PKCS12 devices while the algorithm is the same, but due to my JCE provider's limitation, I must use different JCE providers to support different devices. So I am thinking to create 2 different entries of algorithm in config.xml with each entry like "SHAwithRSA_P1X  ....  P1XProvider". 
> But in XMLSignature.java class, all algorithms are predefined as "ALGO_ID_SIGNATURE_XXXX".
> 
> Hope you can enlighten me further regarding this.
> 
> Thanks a lot,
> Richard Zhu
> ************************************************************************************************************
> CONFIDENTIALITY CAUTION 
> This message and its attachments (> "> Message> "> ) are intended only for the use of the individual or entity to whom it is addressed, is confidential and may also be privileged. If you are not the intended recipient, please do not distribute, use or copy any part of it. Instead, please inform us immediately by return e-mail and delete this Message from your system or destroy it if you received it otherwise than by e-mail.
> Any opinions or representations contained in this Message shall not bind BCS Information Systems Pte Ltd (> "> BCSIS> "> ) unless the author is authorized by BCSIS to communicate such opinion or representation and the authority of the author to so bind BCSIS is duly verified.
> ************************************************************************************************************
>

Re: algorithm name customization

Posted by Christian Geuer-Pollmann <ge...@nue.et-inf.uni-siegen.de>.

Hi,

yes, of course you can use arbitrary algorithm URIs. The URIs in 
XMLSignature are the ones which are standardized by W3C and IETF.

The binding between a URI and its implementing class is done in config.xml:

<SignatureAlgorithms>
  <SignatureAlgorithm
    URI="http://www.w3.org/2000/09/xmldsig#dsa-sha1"
 
JAVACLASS="org.apache.xml.security.algorithms.implementations.SignatureDSA" 
/>
  ...

The above says that the algorithm &ds;dsa-sha1 is implemented by the 
SignatureDSA class. So if you implement a class like

public class MySignatureImpl extends SignatureAlgorithmSpi

and add a

  <SignatureAlgorithm
    URI="http://www.bcsis.com/#signature-scheme-1"
    JAVACLASS="com.bcsis.algorithms.MySignatureImpl" />

then you're done.

Christian


--On Montag, 27. Januar 2003 17:16 +0800 Zhu Li Qiang 
<Zh...@bcsis.com> wrote:

>> Is it possible to use other algorithm names which is not defined in the
>> XMLSignature.java class?
>>
>> The reason is that I want to allow the caller class to choose between
>> PKCS11 and PKCS12 devices while the algorithm is the same, but due to my
>> JCE provider's limitation, I must use different JCE providers to support
>> different devices. So I am thinking to create 2 different entries of
>> algorithm in config.xml with each entry like "SHAwithRSA_P1X  ....
>> P1XProvider".  But in XMLSignature.java class, all algorithms are
>> predefined as "ALGO_ID_SIGNATURE_XXXX".
>>
>> Hope you can enlighten me further regarding this.