43 # requested). The order is 1-based; 1 is the most preferred, followed
44 # by 2, and so on.
45 #
46 # <provName> must specify the name of the Provider as passed to its super
47 # class java.security.Provider constructor. This is for providers loaded
48 # through the ServiceLoader mechanism.
49 #
50 # <className> must specify the subclass of the Provider class whose
51 # constructor sets the values of various properties that are required
52 # for the Java Security API to look up the algorithms or other
53 # facilities implemented by the provider. This is for providers loaded
54 # through classpath.
55 #
56 # Note: Providers can be dynamically registered instead by calls to
57 # either the addProvider or insertProviderAt method in the Security
58 # class.
59
60 #
61 # List of providers and their preference orders (see above):
62 #
63 #ifdef solaris
64 # Note: The OracleUcrypto provider is deprecated and subject to removal in
65 # a future version of the JDK.
66 security.provider.tbd=OracleUcrypto
67 security.provider.tbd=SunPKCS11 ${java.home}/conf/security/sunpkcs11-solaris.cfg
68 #endif
69 security.provider.tbd=SUN
70 security.provider.tbd=SunRsaSign
71 security.provider.tbd=SunEC
72 security.provider.tbd=SunJSSE
73 security.provider.tbd=SunJCE
74 security.provider.tbd=SunJGSS
75 security.provider.tbd=SunSASL
76 security.provider.tbd=XMLDSig
77 security.provider.tbd=SunPCSC
78 security.provider.tbd=JdkLDAP
79 security.provider.tbd=JdkSASL
80 #ifdef windows
81 security.provider.tbd=SunMSCAPI
82 #endif
83 #ifdef macosx
84 security.provider.tbd=Apple
85 #endif
86 #ifndef solaris
87 security.provider.tbd=SunPKCS11
88 #endif
89
90 #
91 # A list of preferred providers for specific algorithms. These providers will
92 # be searched for matching algorithms before the list of registered providers.
93 # Entries containing errors (parsing, etc) will be ignored. Use the
94 # -Djava.security.debug=jca property to debug these errors.
95 #
96 # The property is a comma-separated list of serviceType.algorithm:provider
97 # entries. The serviceType (example: "MessageDigest") is optional, and if
98 # not specified, the algorithm applies to all service types that support it.
99 # The algorithm is the standard algorithm name or transformation.
100 # Transformations can be specified in their full standard name
101 # (ex: AES/CBC/PKCS5Padding), or as partial matches (ex: AES, AES/CBC).
102 # The provider is the name of the provider. Any provider that does not
103 # also appear in the registered list will be ignored.
104 #
105 # There is a special serviceType for this property only to group a set of
106 # algorithms together. The type is "Group" and is followed by an algorithm
107 # keyword. Groups are to simplify and lessen the entries on the property
108 # line. Current groups are:
109 # Group.SHA2 = SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256
110 # Group.HmacSHA2 = HmacSHA224, HmacSHA256, HmacSHA384, HmacSHA512
111 # Group.SHA2RSA = SHA224withRSA, SHA256withRSA, SHA384withRSA, SHA512withRSA
112 # Group.SHA2DSA = SHA224withDSA, SHA256withDSA, SHA384withDSA, SHA512withDSA
113 # Group.SHA2ECDSA = SHA224withECDSA, SHA256withECDSA, SHA384withECDSA, \
114 # SHA512withECDSA
115 # Group.SHA3 = SHA3-224, SHA3-256, SHA3-384, SHA3-512
116 # Group.HmacSHA3 = HmacSHA3-224, HmacSHA3-256, HmacSHA3-384, HmacSHA3-512
117 #
118 # Example:
119 # jdk.security.provider.preferred=AES/GCM/NoPadding:SunJCE, \
120 # MessageDigest.SHA-256:SUN, Group.HmacSHA2:SunJCE
121 #
122 #ifdef solaris-sparc
123 # Optional Solaris-SPARC configuration for non-FIPS 140 configurations.
124 # jdk.security.provider.preferred=AES:SunJCE, SHA1:SUN, Group.SHA2:SUN, \
125 # HmacSHA1:SunJCE, Group.HmacSHA2:SunJCE
126 #
127 #endif
128 #jdk.security.provider.preferred=
129
130
131 #
132 # Sun Provider SecureRandom seed source.
133 #
134 # Select the primary source of seed data for the "NativePRNG", "SHA1PRNG"
135 # and "DRBG" SecureRandom implementations in the "Sun" provider.
136 # (Other SecureRandom implementations might also use this property.)
137 #
138 # On Unix-like systems (for example, Solaris/Linux/MacOS), the
139 # "NativePRNG", "SHA1PRNG" and "DRBG" implementations obtains seed data from
140 # special device files such as file:/dev/random.
141 #
142 # On Windows systems, specifying the URLs "file:/dev/random" or
143 # "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding
144 # mechanism for SHA1PRNG and DRBG.
145 #
146 # By default, an attempt is made to use the entropy gathering device
147 # specified by the "securerandom.source" Security property. If an
148 # exception occurs while accessing the specified URL:
149 #
150 # NativePRNG:
151 # a default value of /dev/random will be used. If neither
152 # are available, the implementation will be disabled.
153 # "file" is the only currently supported protocol type.
154 #
155 # SHA1PRNG and DRBG:
156 # the traditional system/thread activity algorithm will be used.
157 #
158 # The entropy gathering device can also be specified with the System
|
43 # requested). The order is 1-based; 1 is the most preferred, followed
44 # by 2, and so on.
45 #
46 # <provName> must specify the name of the Provider as passed to its super
47 # class java.security.Provider constructor. This is for providers loaded
48 # through the ServiceLoader mechanism.
49 #
50 # <className> must specify the subclass of the Provider class whose
51 # constructor sets the values of various properties that are required
52 # for the Java Security API to look up the algorithms or other
53 # facilities implemented by the provider. This is for providers loaded
54 # through classpath.
55 #
56 # Note: Providers can be dynamically registered instead by calls to
57 # either the addProvider or insertProviderAt method in the Security
58 # class.
59
60 #
61 # List of providers and their preference orders (see above):
62 #
63 security.provider.tbd=SUN
64 security.provider.tbd=SunRsaSign
65 security.provider.tbd=SunEC
66 security.provider.tbd=SunJSSE
67 security.provider.tbd=SunJCE
68 security.provider.tbd=SunJGSS
69 security.provider.tbd=SunSASL
70 security.provider.tbd=XMLDSig
71 security.provider.tbd=SunPCSC
72 security.provider.tbd=JdkLDAP
73 security.provider.tbd=JdkSASL
74 #ifdef windows
75 security.provider.tbd=SunMSCAPI
76 #endif
77 #ifdef macosx
78 security.provider.tbd=Apple
79 #endif
80 security.provider.tbd=SunPKCS11
81
82 #
83 # A list of preferred providers for specific algorithms. These providers will
84 # be searched for matching algorithms before the list of registered providers.
85 # Entries containing errors (parsing, etc) will be ignored. Use the
86 # -Djava.security.debug=jca property to debug these errors.
87 #
88 # The property is a comma-separated list of serviceType.algorithm:provider
89 # entries. The serviceType (example: "MessageDigest") is optional, and if
90 # not specified, the algorithm applies to all service types that support it.
91 # The algorithm is the standard algorithm name or transformation.
92 # Transformations can be specified in their full standard name
93 # (ex: AES/CBC/PKCS5Padding), or as partial matches (ex: AES, AES/CBC).
94 # The provider is the name of the provider. Any provider that does not
95 # also appear in the registered list will be ignored.
96 #
97 # There is a special serviceType for this property only to group a set of
98 # algorithms together. The type is "Group" and is followed by an algorithm
99 # keyword. Groups are to simplify and lessen the entries on the property
100 # line. Current groups are:
101 # Group.SHA2 = SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256
102 # Group.HmacSHA2 = HmacSHA224, HmacSHA256, HmacSHA384, HmacSHA512
103 # Group.SHA2RSA = SHA224withRSA, SHA256withRSA, SHA384withRSA, SHA512withRSA
104 # Group.SHA2DSA = SHA224withDSA, SHA256withDSA, SHA384withDSA, SHA512withDSA
105 # Group.SHA2ECDSA = SHA224withECDSA, SHA256withECDSA, SHA384withECDSA, \
106 # SHA512withECDSA
107 # Group.SHA3 = SHA3-224, SHA3-256, SHA3-384, SHA3-512
108 # Group.HmacSHA3 = HmacSHA3-224, HmacSHA3-256, HmacSHA3-384, HmacSHA3-512
109 #
110 # Example:
111 # jdk.security.provider.preferred=AES/GCM/NoPadding:SunJCE, \
112 # MessageDigest.SHA-256:SUN, Group.HmacSHA2:SunJCE
113 #
114 #jdk.security.provider.preferred=
115
116
117 #
118 # Sun Provider SecureRandom seed source.
119 #
120 # Select the primary source of seed data for the "NativePRNG", "SHA1PRNG"
121 # and "DRBG" SecureRandom implementations in the "Sun" provider.
122 # (Other SecureRandom implementations might also use this property.)
123 #
124 # On Unix-like systems (for example, Linux/MacOS), the
125 # "NativePRNG", "SHA1PRNG" and "DRBG" implementations obtains seed data from
126 # special device files such as file:/dev/random.
127 #
128 # On Windows systems, specifying the URLs "file:/dev/random" or
129 # "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding
130 # mechanism for SHA1PRNG and DRBG.
131 #
132 # By default, an attempt is made to use the entropy gathering device
133 # specified by the "securerandom.source" Security property. If an
134 # exception occurs while accessing the specified URL:
135 #
136 # NativePRNG:
137 # a default value of /dev/random will be used. If neither
138 # are available, the implementation will be disabled.
139 # "file" is the only currently supported protocol type.
140 #
141 # SHA1PRNG and DRBG:
142 # the traditional system/thread activity algorithm will be used.
143 #
144 # The entropy gathering device can also be specified with the System
|