Simple Signature Control File
<?xml version="1.0" encoding="ISO-8859-1"?>
<signaturefile>
</signaturefile>

More Detailed Signature Control File
<?xml version="1.0" encoding="ISO-8859-1"?>
<signaturefile>
<directory name="." count="3">
</directory>
<directory name="com/unisoft/xlets" count="1">
<object name="HelloXlet.class" authenticate="true"></object>
<object name="Hello2.class" authenticate="true"></object>
<object name="UniSoft.PNG" authenticate="true"></object>
<object name="Hello3.class" authenticate="true"></object>
</directory>
<directory name="hashtest/hashdir">
<object name="hashdir" authenticate="false"></object> 
<object name=dontauthbutmakesureitthethere.txt" authenticate="false" exist="true"></object>
</directory>
</signaturefile>

Notes:

  1. The Simple Signature Control File above will result in all files being authenticated through the calculation of the hash value. An ocap.hashfile will be created in all directories and sub-directories from the application root.
  2. Use the More Detailed Signature Control File as a basis for building a control file which can omit files from the hashing process or include files in the ocap.hashfile as non-authenticated entries.

  3. Each directory which contains files that require special directives must be included in the Signature Control File.

  4. The count attribute can be included to break the authenticated files in groups of a defined size. If count has a value of 1, each authenticated file will have a separate hash value in the ocap.hashfile. With a count of 0, all authenticated files will have a single hash value in the ocap.hashfile.

  5. For the authenticate attribute, the action to be applied to the file is as follows:

    true the file is to be included in the authenticated files
    false the file is to be included in the non-authenticated files
    omit the file is not to be included in the ocap.hashfile