## $Log: IJCE.properties,v $## Revision 1.1.1.1  2002/08/27 11:49:30  grosbois## Imported source from cryptix 3.2#### Revision 1.2  2000/08/17 12:01:48  edwin## java.security.* -> xjava.security.*#### Revision 1.1  2000/04/25 16:19:21  edwin## This file was moved from src/ijce-lib/ to src/java/security/.#### Revision 1.8  1998/01/28 05:55:38  hopwood## + Added properties for test provider.#### Revision 1.7  1997/12/07 07:37:18  hopwood## + Made sure this is up-to-date with the version I've been testing with.#### Revision 1.6  1997/12/03 02:19:38  iang## + Set debugging to 0.#### Revision 1.5  1997/11/29 04:49:00  hopwood## + Committed changes below.#### Revision 1.4.1  1997/11/27  hopwood## + Changed Type properties for JCE 1.2.## + Removed Override.*.## + Changed format of internationalisation properties.#### Revision 1.4  1997/11/23 06:56:38  hopwood## + Switched off tracing for Cipher and Mode.## + Set Debug.Level.* to 3.#### Revision 1.3  1997/11/21 05:37:14  hopwood## + Committed changes below.#### Revision 1.2.1  1997/11/17  David Hopwood## + Changed "Internal.Debug.Level" to "Debug.Level".#### Revision 1.2  1997/11/07 05:53:26  raif## *** empty log message ***#### $Endlog$## Copyright (c) 1997 Systemics Ltd# on behalf of the Cryptix Development Team.  All rights reserved.## Properties file for IJCE.# Important: no secret information should be stored in this file.# ----------------------------------------------------------------------# Debugging properties## To set the default debugging level, use#   Debug.Level.* = ...## These properties MUST be unset for normal operation.# Setting them may reveal secret information in debugging messages.# ----------------------------------------------------------------------Debug.Level.* = 0# ----------------------------------------------------------------------# Tracing properties## Whether calls to SPI methods for a class are to be logged (= true) or not# (= false). This can produce a lot of output, and for security reasons,# it should _only_ be used when debugging an algorithm or the JCE# implementation, when all code running in the VM is trusted.# ----------------------------------------------------------------------# examples:#Trace.Cipher = true#Trace.PaddingScheme = true#Trace.cryptix.provider.md.SHA1 = true# ----------------------------------------------------------------------# Algorithm types## IJCE allows new types of algorithm to be configured and accessed via# the IJCE.getImplementation(...) methods.## The classes configured here must have a zero-argument constructor, and# that constructor must not make security checks that rely on stack# depth.# ----------------------------------------------------------------------Type.Cipher = xjava.security.CipherType.Mode = xjava.security.ModeType.PaddingScheme = xjava.security.PaddingSchemeType.KeyGenerator = xjava.security.KeyGeneratorType.KeyPairGenerator = java.security.KeyPairGeneratorType.MessageDigest = java.security.MessageDigestType.Signature = java.security.Signature# To be implemented in IJCE 1.2:#Type.Transform = java.io.transform.Transform#Type.Padding = java.io.transform.Padding#Type.Generator = java.util.Generator#Type.KeyFormatter = java.security.KeyFormatter#Type.AlgorithmParameters = java.security.AlgorithmParameters#Type.AlgorithmParameterGenerator = java.security.AlgorithmParameterGenerator# ----------------------------------------------------------------------# Test algorithms## These will only be available when java.security.IJCE_TestProvider is# installed as a security provider.# ----------------------------------------------------------------------# trivial stream cipher (add n to each byte, mod 256)Cipher.test.ROTn = java.security.IJCE_ROTn# trivial block cipher (rotate each block to the right by n bytes)Cipher.test.TRANSn = java.security.IJCE_TRANSn# trivial message digest (sum of all bytes, mod 2^32)MessageDigest.test.SUM = java.security.IJCE_SUM# also need padding scheme, signature algorithm, key agreement.# ----------------------------------------------------------------------# Message strings used for internationalisation## Languages other than the fallback (International English) can be added# using properties ending with ".language[_country]" (e.g. ".de" for# German, ".fr_CA" for Canadian French, etc).## The language codes are defined by ISO-639, and the country codes by# ISO-3166. See for example#   http://www.ics.uci.edu/pub/ietf/http/related/iso639.txt# and#   http://www.chemie.fu-berlin.de/diverse/doc/ISO_3166.html## The locale to be used is given by java.util.Locale.getDefaultLocale(),# which looks for the user.language and user.region system properties.# \uxxxx escapes may be included in the translations.## If anyone wants to provide translations, feel free to send them to# hopwood@zetnet.co.uk.# ----------------------------------------------------------------------Msg.target.AddSecurityProvider = Add a new security provider to the system. This is high-risk because it could allow a malicious version of an algorithm to be installed, that modifies or eavesdrops on data, or leaks secret key information, for example. Only grant this privilege if you are certain that the requester is trustworthy, and that any new algorithms will be correctly implemented.Msg.target.RemoveSecurityProvider = Remove a security provider from the system. This is high-risk because it could be used to remove algorithms that are being relied on by other trusted code, causing that code to fail unpredictably. Only grant this privilege if you are certain that the requester is trustworthy.Msg.target.SecurityPropertyRead = Read the security properties. This is low-risk, since secret data should not be stored in the properties.Msg.target.SecurityPropertyWrite = Change the value of any security property. This is high-risk because it allows modifying properties that are being relied on by other trusted code, possibly causing that code to fail. Only grant this privilege if you are certain that the requester is trustworthy.Msg.target.GetSecurityProviders = Get a reference to any security Provider object. Note that in some Java implementations there is a bug which allows this privilege to be used to write any provider property; the risk level will be high if that bug is present.