801 # 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD \ |
801 # 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD \ |
802 # EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 \ |
802 # EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 \ |
803 # E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED \ |
803 # E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED \ |
804 # EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \ |
804 # EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \ |
805 # FFFFFFFF FFFFFFFF, 2} |
805 # FFFFFFFF FFFFFFFF, 2} |
|
806 |
|
807 # |
|
808 # The policy for the XML Signature secure validation mode. The mode is |
|
809 # enabled by setting the property "org.jcp.xml.dsig.secureValidation" to |
|
810 # true with the javax.xml.crypto.XMLCryptoContext.setProperty() method, |
|
811 # or by running the code with a SecurityManager. |
|
812 # |
|
813 # Policy: |
|
814 # Constraint {"," Constraint } |
|
815 # Constraint: |
|
816 # AlgConstraint | MaxTransformsConstraint | MaxReferencesConstraint | |
|
817 # ReferenceUriSchemeConstraint | OtherConstraint |
|
818 # AlgConstraint |
|
819 # "disallowAlg" Uri |
|
820 # MaxTransformsConstraint: |
|
821 # "maxTransforms" Integer |
|
822 # MaxReferencesConstraint: |
|
823 # "maxReferences" Integer |
|
824 # ReferenceUriSchemeConstraint: |
|
825 # "disallowReferenceUriSchemes" String { String } |
|
826 # OtherConstraint: |
|
827 # "noDuplicateIds" | "noRetrievalMethodLoops" |
|
828 # |
|
829 # For AlgConstraint, Uri is the algorithm URI String that is not allowed. |
|
830 # See the XML Signature Recommendation for more information on algorithm |
|
831 # URI Identifiers. If the MaxTransformsConstraint or MaxReferencesConstraint is |
|
832 # specified more than once, only the last entry is enforced. |
|
833 # |
|
834 # Note: This property is currently used by the JDK Reference implementation. It |
|
835 # is not guaranteed to be examined and used by other implementations. |
|
836 # |
|
837 jdk.xml.dsig.secureValidationPolicy=\ |
|
838 disallowAlg http://www.w3.org/TR/1999/REC-xslt-19991116,\ |
|
839 disallowAlg http://www.w3.org/2001/04/xmldsig-more#rsa-md5,\ |
|
840 disallowAlg http://www.w3.org/2001/04/xmldsig-more#hmac-md5,\ |
|
841 disallowAlg http://www.w3.org/2001/04/xmldsig-more#md5,\ |
|
842 maxTransforms 5,\ |
|
843 maxReferences 30,\ |
|
844 disallowReferenceUriSchemes file http https,\ |
|
845 noDuplicateIds,\ |
|
846 noRetrievalMethodLoops |