ijce.properties

国外的一套开源CRM

## $Log: IJCE.properties,v $
## Revision 1.1  2003/08/18 19:36:15  jonesde
## Added thirdparty stuff.
##
## Revision 1.1.1.1  2003/08/17 09:22:45  azeneski
##
##
## Revision 1.1  2003/01/13 23:11:05  azeneski
## I have been given permission by David Adkins from WorldPay US to supply these libs with OFBiz
##
## Revision 1.7  1997/12/07 07:37:18  hopwood
## + Made sure this is up-to-date with the version I've been testing with.
##
## Revision 1.6  1997/12/03 02:19:38  iang
## + Set debugging to 0.
##
## Revision 1.5  1997/11/29 04:49:00  hopwood
## + Committed changes below.
##
## Revision 1.4.1  1997/11/27  hopwood
## + Changed Type properties for JCE 1.2.
## + Removed Override.*.
## + Changed format of internationalisation properties.
##
## Revision 1.4  1997/11/23 06:56:38  hopwood
## + Switched off tracing for Cipher and Mode.
## + Set Debug.Level.* to 3.
##
## Revision 1.3  1997/11/21 05:37:14  hopwood
## + Committed changes below.
##
## Revision 1.2.1  1997/11/17  David Hopwood
## + Changed "Internal.Debug.Level" to "Debug.Level".
##
## Revision 1.2  1997/11/07 05:53:26  raif
## *** empty log message ***
##
## $Endlog$
#
# Copyright (c) 1997 Systemics Ltd
# on behalf of the Cryptix Development Team.  All rights reserved.
#
# Properties file for IJCE.
# Important: no secret information should be stored in this file.


# ----------------------------------------------------------------------
# Debugging properties
#
# To set the default debugging level, use
#   Debug.Level.* = ...
#
# These properties MUST be unset for normal operation.
# Setting them may reveal secret information in debugging messages.
# ----------------------------------------------------------------------
Debug.Level.* = 0


# ----------------------------------------------------------------------
# Tracing properties
#
# Whether calls to SPI methods for a class are to be logged (= true) or not
# (= false). This can produce a lot of output, and for security reasons,
# it should _only_ be used when debugging an algorithm or the JCE
# implementation, when all code running in the VM is trusted.
# ----------------------------------------------------------------------
# examples:
#Trace.Cipher = true
#Trace.PaddingScheme = true

#Trace.cryptix.provider.md.SHA1 = true


# ----------------------------------------------------------------------
# Algorithm types
#
# IJCE allows new types of algorithm to be configured and accessed via
# the IJCE.getImplementation(...) methods.
#
# The classes configured here must have a zero-argument constructor, and
# that constructor must not make security checks that rely on stack
# depth.
# ----------------------------------------------------------------------
Type.Cipher = java.security.Cipher
Type.Mode = java.security.Mode
Type.PaddingScheme = java.security.PaddingScheme
Type.KeyGenerator = java.security.KeyGenerator
Type.KeyPairGenerator = java.security.KeyPairGenerator
Type.MessageDigest = java.security.MessageDigest
Type.Signature = java.security.Signature

# To be implemented in IJCE 1.2:
Type.xCipher = javax.crypto.Cipher
Type.xMode = javax.crypto.Mode
Type.xPadding = javax.crypto.Padding
Type.xKeyGenerator = javax.crypto.KeyGenerator
Type.ExtendedPublicKey = java.security.ExtendedPublicKey
Type.ExtendedPrivateKey = java.security.ExtendedPrivateKey
Type.AlgorithmParameters = java.security.AlgorithmParameters
Type.AlgorithmParameterGenerator = java.security.AlgorithmParameterGenerator

# ----------------------------------------------------------------------
# Message strings used for internationalization
#
# Languages other than the fallback (International English) can be added
# using properties ending with ".language[_country]" (e.g. ".de" for
# German, ".fr_CA" for Canadian French, etc).
#
# The language codes are defined by ISO-639, and the country codes by
# ISO-3166. See for example
#   http://www.ics.uci.edu/pub/ietf/http/related/iso639.txt
# and
#   http://www.chemie.fu-berlin.de/diverse/doc/ISO_3166.html
#
# The locale to be used is given by java.util.Locale.getDefaultLocale(),
# which looks for the user.language and user.region system properties.
# \uxxxx escapes may be included in the translations.
#
# If anyone wants to provide translations, feel free to send them to
# hopwood@zetnet.co.uk.
# ----------------------------------------------------------------------
Msg.target.AddSecurityProvider = Add a new security provider to the system. This is high-risk because it could allow a malicious version of an algorithm to be installed, that modifies or eavesdrops on data, or leaks secret key information, for example. Only grant this privilege if you are certain that the requester is trustworthy, and that any new algorithms will be correctly implemented.
Msg.target.RemoveSecurityProvider = Remove a security provider from the system. This is high-risk because it could be used to remove algorithms that are being relied on by other trusted code, causing that code to fail unpredictably. Only grant this privilege if you are certain that the requester is trustworthy.
Msg.target.SecurityPropertyRead = Read the security properties. This is low-risk, since secret data should not be stored in the properties.
Msg.target.SecurityPropertyWrite = Change the value of any security property. This is high-risk because it allows modifying properties that are being relied on by other trusted code, possibly causing that code to fail. Only grant this privilege if you are certain that the requester is trustworthy.
Msg.target.GetSecurityProviders = Get a reference to any security Provider object. Note that in some Java implementations there is a bug which allows this privilege to be used to write any provider property; the risk level will be high if that bug is present.