| <?xml version='1.0' encoding='UTF-8'?> |
| <!-- Schema file written by PDE --> |
| <schema targetNamespace="org.eclipse.equinox.p2.artifact.repository" xmlns="http://www.w3.org/2001/XMLSchema"> |
| <annotation> |
| <appInfo> |
| <meta.schema plugin="org.eclipse.equinox.p2.artifact.repository" id="artifactChecksums" name="Artifact Checksum support"/> |
| </appInfo> |
| <documentation> |
| Provides a mapping from checksum algorithm id and <code>java.security.MessageDigest</code> implementations. |
| |
| <p>p2 detects errors which may have been introduced during artifact transmission/storage by calculating artifact checksum using MD5 hash function. As a <a href="https://en.wikipedia.org/wiki/Collision_attack">collision attack</a> and a <a href="https://en.wikipedia.org/wiki/Chosen-prefix_collision_attack">chosen-prefix collision attack</a> against MD5 have been demonstrated in public, it can be used but only to detect unintentional corruption. Current implementation is not extensible and doesn't allow to use other, more collision-resistant, hash functions.</p> |
| |
| <p>With this extension point, any <code>java.security.MessageDigest</code> from Java Security API can be used to check integrity of artifacts. For more information on these APIs, see <a href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html">Java Cryptography Architecture (JCA) Reference Guide</a>.</p> |
| </documentation> |
| </annotation> |
| |
| <element name="extension"> |
| <annotation> |
| <appInfo> |
| <meta.element /> |
| </appInfo> |
| </annotation> |
| <complexType> |
| <sequence> |
| <element ref="artifactChecksum" minOccurs="1" maxOccurs="unbounded"/> |
| </sequence> |
| <attribute name="point" type="string" use="required"> |
| <annotation> |
| <documentation> |
| |
| </documentation> |
| </annotation> |
| </attribute> |
| <attribute name="id" type="string"> |
| <annotation> |
| <documentation> |
| |
| </documentation> |
| </annotation> |
| </attribute> |
| <attribute name="name" type="string"> |
| <annotation> |
| <documentation> |
| |
| </documentation> |
| <appInfo> |
| <meta.attribute translatable="true"/> |
| </appInfo> |
| </annotation> |
| </attribute> |
| </complexType> |
| </element> |
| |
| <element name="artifactChecksum"> |
| <complexType> |
| <attribute name="id" type="string" use="required"> |
| <annotation> |
| <documentation> |
| id of the checksum algorithm, i.e. <code>sha-512</code>. |
| |
| As other tools will rely on this id, consider using some well-defined value (i.e. <a href="https://www.iana.org/assignments/hash-function-text-names/hash-function-text-names.xhtml">Hash Function Textual Names</a> ). |
| </documentation> |
| </annotation> |
| </attribute> |
| <attribute name="algorithm" type="string" use="required"> |
| <annotation> |
| <documentation> |
| Name of the message digest algorithm as expected by <code>java.security.MessageDigest</code>'s method <code>getInstance(String)</code>. Also check the MessageDigest section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard algorithm names. |
| </documentation> |
| </annotation> |
| </attribute> |
| </complexType> |
| </element> |
| |
| <annotation> |
| <appInfo> |
| <meta.section type="since"/> |
| </appInfo> |
| <documentation> |
| 2.4.0 |
| </documentation> |
| </annotation> |
| |
| <annotation> |
| <appInfo> |
| <meta.section type="examples"/> |
| </appInfo> |
| <documentation> |
| To enable support for MessageDigest implementation which is provided by a statically registered Provider, contributing bundle should only register an extension: |
| |
| <pre> |
| <extension point="org.eclipse.equinox.p2.artifact.repository.artifactChecksums"> |
| <artifactChecksum |
| algorithm="SHA3-512" |
| id="sha3-512"> |
| </artifactChecksum> |
| </extension> |
| </pre> |
| |
| If the MessageDigest implementation is provided by a custom Provider (from the contributing bundle itself or some other bundle), it should be first dynamically registered: |
| |
| <pre> |
| import java.security.Security; |
| import org.bouncycastle.jce.provider.BouncyCastleProvider; |
| |
| public class Activator implements BundleActivator { |
| |
| public void start(BundleContext context) throws Exception { |
| Security.addProvider(new BouncyCastleProvider()); |
| } |
| } |
| </pre> |
| </documentation> |
| </annotation> |
| |
| <annotation> |
| <appInfo> |
| <meta.section type="implementation"/> |
| </appInfo> |
| <documentation> |
| Contributes a checksum algorithm with id <code>sha-256</code> and maps it to <code>SHA-256</code> MessageDigest implementation. |
| </documentation> |
| </annotation> |
| |
| <annotation> |
| <appInfo> |
| <meta.section type="copyright"/> |
| </appInfo> |
| <documentation> |
| Copyright (c) 2015, 2018 Mykola Nikishov. |
| |
| This program and the accompanying materials are made |
| available under the terms of the Eclipse Public License 2.0 which |
| accompanies this distribution, and is available at |
| <a href="https://www.eclipse.org/legal/epl-2.0">https://www.eclipse.org/legal/epl-v20.html</a>/ |
| |
| SPDX-License-Identifier: EPL-2.0 |
| </documentation> |
| </annotation> |
| |
| </schema> |