Home | History | Annotate | Download | only in security 
      1 # Licensed to the Apache Software Foundation (ASF) under one or more
      2 # contributor license agreements.  See the NOTICE file distributed with
      3 # this work for additional information regarding copyright ownership.
      4 # The ASF licenses this file to You under the Apache License, Version 2.0
      5 # (the "License"); you may not use this file except in compliance with
      6 # the License.  You may obtain a copy of the License at
      7 # 
      8 #     http://www.apache.org/licenses/LICENSE-2.0
      9 # 
     10 # Unless required by applicable law or agreed to in writing, software
     11 # distributed under the License is distributed on an "AS IS" BASIS,
     12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13 # See the License for the specific language governing permissions and
     14 # limitations under the License.
     15 
     16 # This is the system security properties file
     17 # It should be named: ${java.home}/lib/security/java.security
     18 
     19 
     20 #
     21 # Providers
     22 # See also: J2SE doc. "How to Implement a Provider for the JavaTM Cryptography Architecture"
     23 #
     24 # Android's provider of OpenSSL backed implementations
     25 security.provider.1=org.apache.harmony.xnet.provider.jsse.OpenSSLProvider
     26 # Favor Harmony's CertificateFactory.X509 over BouncyCastle's
     27 security.provider.2=org.apache.harmony.security.provider.cert.DRLCertFactory
     28 # Android's stripped down BouncyCastle provider
     29 security.provider.3=org.bouncycastle.jce.provider.BouncyCastleProvider
     30 # Remaining Harmony providers
     31 security.provider.4=org.apache.harmony.security.provider.crypto.CryptoProvider
     32 security.provider.5=org.apache.harmony.xnet.provider.jsse.JSSEProvider
     33 
     34 #
     35 # Class to instantiate as a default Configuration implementation
     36 # See specification for javax.security.auth.login.Configuration class.
     37 #
     38 login.configuration.provider=org.apache.harmony.auth.login.DefaultConfiguration
     39 
     40 
     41 #
     42 # Flag to enable/disable append/overwrite this properties file by the 
     43 # extra properties file passed on the command line with
     44 # -Djava.security.properties=<file|url> or -Djava.security.properties==<file|url>
     45 # Possible values: true/false.
     46 #
     47 security.allowCustomPropertiesFile=true
     48 
     49 
     50 # Class to instantiate as the default system Policy.
     51 # The class should be available via bootclasspath.
     52 # See specification for java.security.Policy class.
     53 policy.provider=org.apache.harmony.security.fortress.DefaultPolicy
     54 
     55 
     56 # The default is to have a single system-wide policy file,
     57 # and an optional policy file in the user's home directory.
     58 # It is possible to specify any number of policy files, via policy.url.n keys.
     59 # See also: "JavaTM 2 Platform Security Architecture.", chapter 3. Permissions and Security Policy
     60 policy.url.1=file:/${java.home}/lib/security/java.policy
     61 policy.url.2=file:/${user.home}/.java.policy
     62 
     63 
     64 # Flag to enable/disable properties expansion (${...}) in policy files. 
     65 # Possible values: true/false.
     66 # See also: "JavaTM 2 Platform Security Architecture.", chapter 3. Permissions and Security Policy
     67 policy.expandProperties=true
     68 
     69 
     70 # Flag to enable/disable an extra policy to be passed on the command line
     71 # with -Djava.security.policy=<file|url>. Possible values: true/false.
     72 # See also: "JavaTM 2 Platform Security Architecture.", chapter 3. Permissions and Security Policy
     73 policy.allowSystemProperty=true
     74 
     75 
     76 # A comma-separated list of package prefixes that require 
     77 # extra protection at ClassLoader's level. 
     78 # See java/lang/SecurityManager#checkPackageAccess for more details.
     79 package.access=org.apache.harmony.security.fortress.,com.intel.fortress.,com.ibm.oti.
     80 
     81 
     82 # Class to instantiate as default JGSS manager.
     83 jgss.spi.manager=
     84 
     85 
     86 # The default SSLSocketFactory and SSLServerSocketFactory provider implementations.
     87 # See specification for 
     88 # javax/net/ssl/SSLSocketFactory.html#getDefault()
     89 # javax/net/ssl/SSLServerSocketFactory.html#getDefault()
     90 
     91 # BEGIN android-changed
     92 ssl.SocketFactory.provider=org.apache.harmony.xnet.provider.jsse.OpenSSLSocketFactoryImpl
     93 # END android-changed
     94 
     95 # BEGIN android-added
     96 # Use the definition above to get the new, OpenSSL-based SSL implementation,
     97 # or use this one to get the old, Android-based SSL implementation.
     98 # ssl.SocketFactory.provider=javax.net.ssl.OldSSLSocketFactory
     99 # END android-added
    100 
    101 # For SSL server sockets, there's only the new, OpenSSL-based implementation.
    102 ssl.ServerSocketFactory.provider=org.apache.harmony.xnet.provider.jsse.OpenSSLServerSocketFactoryImpl
    103 
    104 # Default KeyStore type.
    105 # See specification for java/security/KeyStore.html#getDefaultType()
    106 keystore.type=BKS
    107 
    108 
    109 # Default KeyManagerFactory and TrustManagerFactory algorithms. 
    110 # See specification for
    111 # javax/net/ssl/KeyManagerFactory.html#getDefaultAlgorithm()
    112 # javax/net/ssl/TrustManagerFactory.html#getDefaultAlgorithm()
    113 ssl.KeyManagerFactory.algorithm=X509
    114 ssl.TrustManagerFactory.algorithm=X509
    115 
    116 # system.scope is used to specify implementation class of IdentityScope
    117 # this class should can be loaded by boot classloader
    118 system.scope=org.apache.harmony.security.SystemScope
    119 
    120 # BEGIN android-added
    121 # The following non-standard property controls peer certificate validation.
    122 ssl.disablePeerCertificateChainVerification=false
    123 # END android-added
    124