About encryption.properties
This file specifies the encryption settings. BIRT loads the encryption type, encryption algorithm, and encryption keys from the encryption.properties file to do the encryption. The file contains pre-generated default keys for each of the supported algorithms.
You define the following properties in the encryption.properties file:
*
Encryption type
Type of algorithm. Specify one of the two values, symmetric encryption or public encryption. The default type is symmetric encryption.
*
Encryption algorithm
The name of the algorithm. You must specify the correct encryption type for each algorithm. For the symmetric encryption type, BIRT supports DES and DESede. For public encryption type, BIRT supports RSA.
*
Encryption mode
In cryptography, a block cipher algorithm operates on blocks of fixed length, which are typically 64 or 128 bits. Because messages can be of any length, and because encrypting the same plaintext with the same key always produces the same output, block ciphers support several modes of operation to provide confidentiality for messages of arbitrary length. Table 29-2 shows all supported modes.
Table 29-2  
Supported encryption modes
Mode
Description
None
No mode
CBC
Cipher Block Chaining Mode, as defined in the National Institute of Standards and Technology (NIST) Federal Information Processing Standard (FIPS) PUB 81, “DES Modes of Operation,” U.S. Department of Commerce, Dec 1980
CFB
Cipher Feedback Mode, as defined in FIPS PUB 81
ECB
Electronic Codebook Mode, as defined in FIPS PUB 81
OFB
Output Feedback Mode, as defined in FIPS PUB 81
PCBC
Propagating Cipher Block Chaining
*
Encryption padding
Because a block cipher works on units of a fixed size, but messages come in a variety of lengths, some modes, for example CBC, require that the final block be padded before encryption. Several padding schemes exist. The supported paddings are shown in Table 29-3. All padding settings are applicable to all algorithms.
Table 29-3  
Supported encryption paddings 
Mode
Description
NoPadding
No padding.
OAEP
Optimal Asymmetric Encryption Padding (OAEP) is a padding scheme that is often used with RSA encryption.
PKCS5Padding
The padding scheme described in RSA Laboratories, “PKCS #5: Password-Based Encryption Standard,” version 1.5, November 1993. This encryption padding is the default.
SSL3Padding
The padding scheme defined in the SSL Protocol Version 3.0, November 18, 1996, section 5.2.3.2.
*
Encryption keys
Actuate provides pre-generated keys for all algorithms.
Listing 29-1 shows the default contents of encryption.properties.
Listing 29-1  
Default encryption.properties
#message symmetric encryption , public encryption.
type=symmetric encryption
 
#private encryption: DES(default), DESede
#public encryption: RSA
algorithm=DES
 
# NONE , CBC , CFB , ECB( default ) , OFB , PCBC
mode=ECB
# NoPadding , OAEP , PKCS5Padding( default ) , SSL3Padding
padding=PKCS5Padding
 
#For key , support default key value for algorithm
#For DESede ,DES we only need to support private key
#private key value of DESede algorithm : 20b0020…
#private key value of DES algorithm: 527c2qI
 
#for RSA algorithm , there is key pair. you should support private-public key pair
#private key value of RSA algorithm: 30820…
 
#public key value of RSA algorithm: 30819…
 
#private key
symmetric-key=527c23…
 
#public key
public-key=
Additional Links: Forums | Blogs | Support | Give Us Feedback | More...

Copyright Actuate Corporation 2012