diff options
| author | lloyd <[email protected]> | 2007-11-14 16:07:18 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2007-11-14 16:07:18 +0000 |
| commit | 2de4693562db51f6f0e0b2f3a95e3118c40db05d (patch) | |
| tree | 156630241ee90cd2e15bc601d99aaad19cf7b0ea /misc | |
| parent | f42ff9817bd2d25401bd8fd0cd8186dc82810a63 (diff) | |
Remove the ability to load an external configuration file. Applications
needing this functionality probably already have a preexisting configuration
system that they would rather use.
Also remove the documentation about this feature, and the example
configuration (which was pretty out of date, anyway).
RFC on this change sent to the mailing list on 11-13-2007, no responses
after 24 hours. It seems quite likely this code is not in use anywhere.
Diffstat (limited to 'misc')
| -rw-r--r-- | misc/botan.rc | 225 |
1 files changed, 0 insertions, 225 deletions
diff --git a/misc/botan.rc b/misc/botan.rc deleted file mode 100644 index aaa1b3f91..000000000 --- a/misc/botan.rc +++ /dev/null @@ -1,225 +0,0 @@ -# Botan configuration (v1.4.2) - -# This config, as shipped, matches the library defaults, but is much easier to -# tweak than recompiling everything. You can use it as a base for your own -# configurations. Read section 10.4 "Configuration Files" in the API doc for -# more information. - -[base] -memory_chunk = 32*1024 # size of the chunk of memory allocated at once -default_pbe = PBE-PKCS5v20(SHA-1,TripleDES/CBC) -pkcs8_tries = 3 - -[pk] -blinder_size = 64 -test/public = basic -test/private = basic -test/private_gen = all - -[pem] -search = 4*1024 -forgive = 8 -width = 64 - -[rng] -# LibraryInitializer will try to acquire at least this many bits of entropy -min_entropy = 384 -es_files = /dev/urandom:/dev/random # path for random devices -egd_path = /var/run/egd-pool:/dev/egd-pool # path to search for an EGD socket -ms_capi_prov_type = INTEL_SEC:RSA_FULL # prefered MS CryptoAPI providers -unix_path = /usr/ucb:/usr/etc:/etc - -[x509] -validity_slack = 24h # how much wiggle room is given when checking validity -v1_assume_ca = false # should v1/v2 certificates be considered CA certs? -cache_verify_results = 30m # how long to cache verification results - -[x509/ca] -allow_ca = false # should PKCS #10 requests be able to ask to be a CA? - # should basic_constraints be included in all certs, including end-user? -basic_constraints = always -default_expire = 1y # default expire time for new certs -signing_offset = 30s # offset the PKCS #10 validity times by this amount -rsa_hash = SHA-1 # what hash to use when using RSA to sign new certs -str_type = latin1 # default string encoding (latin1 or utf8) - -[x509/crl] -# can be 'ignore' or 'throw': ignore matches X.509-2000 behavior, throw is PKIX -unknown_critical = ignore - -# When generating a new CRL, this is the default next update time. Can also be -# set in the call to X509_CA::update_crl/X509_CA::new_crl as the last arg -next_update = 7d - -[x509/exts] -# Each of these can be one of: -# - critical: Extension is marked as critical, if we have the info for it -# - yes or noncritical: Extension is included if needed, but not critical -# - no: Extension is not included, even if the information is available -basic_constraints = critical -subject_key_id = yes -authority_key_id = yes -subject_alternative_name = yes -issuer_alternative_name = yes -key_usage = critical -extended_key_usage = yes -crl_number = yes - -[aliases] -Rijndael = AES -3DES = TripleDES -DES-EDE = TripleDES -CAST5 = CAST-128 -3-Way = ThreeWay -SHARK = SHARK-E -SEAL = SEAL-3.0-BE -SHA1 = SHA-160 -SHA-1 = SHA-160 # Don't change or remove this -MARK-4 = ARC4(256) - -OpenPGP.Cipher.1 = IDEA -OpenPGP.Cipher.2 = TripleDES -OpenPGP.Cipher.3 = CAST-128 -OpenPGP.Cipher.4 = Blowfish -OpenPGP.Cipher.5 = SAFER-SK(13) -OpenPGP.Cipher.7 = AES-128 -OpenPGP.Cipher.8 = AES-192 -OpenPGP.Cipher.9 = AES-256 -OpenPGP.Cipher.10 = Twofish - -OpenPGP.Digest.1 = MD5 -OpenPGP.Digest.2 = SHA-1 -OpenPGP.Digest.3 = RIPEMD-160 -OpenPGP.Digest.5 = MD2 -OpenPGP.Digest.6 = Tiger(24,3) -OpenPGP.Digest.7 = HAVAL(20,5) -OpenPGP.Digest.8 = SHA-256 - -TLS.Digest.0 = Parallel(MD5,SHA-1) - -EME-PKCS1-v1_5 = PKCS1v15 -OAEP-MGF1 = EME1 -EME-OAEP = EME1 -X9.31 = EMSA2 -EMSA-PKCS1-v1_5 = EMSA3 -PSS-MGF1 = EMSA4 -EMSA-PSS = EMSA4 - -[oids] -ISO_MEMBER = 1.2 -US_BODY = ISO_MEMBER.840 -X500 = 2.5 - -RSA_DSI = US_BODY.113549 -ANSI_X957 = US_BODY.10040 -ANSI_X942 = US_BODY.10046 -NIST_ALGO = 2.16.840.1.101.3.4 -PKIX_USAGE = 1.3.6.1.5.5.7.3 -GNU_PROJECT = 1.3.6.1.4.1.11591 -OIW_ALGO = 1.3.14.3.2 -DN_ATTR = X500.4 -X509_KU = X500.29 - -PKCS = RSA_DSI.1 -PKCS1 = PKCS.1 -PKCS5 = PKCS.5 -PKCS7 = PKCS.7 -PKCS9 = PKCS.9 - -DES/CBC = OIW_ALGO.7 -TripleDES/CBC = RSA_DSI.3.7 -RC2/CBC = RSA_DSI.3.2 -CAST-128/CBC = US_BODY.113533.7.66.10 -AES-128/CBC = NIST_ALGO.1.2 -AES-192/CBC = NIST_ALGO.1.22 -AES-256/CBC = NIST_ALGO.1.42 - -MD5 = RSA_DSI.2.5 -SHA-160 = OIW_ALGO.26 -Tiger(24,3) = GNU_PROJECT.12.2 - -KeyWrap.TripleDES = PKCS9.16.3.6 -KeyWrap.RC2 = PKCS9.16.3.7 -KeyWrap.CAST-128 = US_BODY.113533.7.66.15 -KeyWrap.AES-128 = NIST_ALGO.1.5 -KeyWrap.AES-192 = NIST_ALGO.1.25 -KeyWrap.AES-256 = NIST_ALGO.1.45 - -Compression.Zlib = PKCS9.16.3.8 - -RSA = PKCS1.1 -RSA = X500.8.1.1 -DSA = ANSI_X957.4.1 -DH = ANSI_X942.2.1 - -DSA/EMSA1(SHA-160)/DER = ANSI_X957.4.3 -DSA/EMSA1(SHA-160) = ANSI_X957.4.3 -RSA/EMSA3(MD2) = PKCS1.2 -RSA/EMSA3(MD5) = PKCS1.4 -RSA/EMSA3(SHA-160) = PKCS1.5 -RSA/EMSA3(SHA-256) = PKCS1.11 -RSA/EMSA3(SHA-384) = PKCS1.12 -RSA/EMSA3(SHA-512) = PKCS1.13 -RSA/EMSA3(RIPEMD-160) = 1.3.36.3.3.1.2 - -PBE-PKCS5v15(MD2,DES/CBC) = PKCS5.1 -PBE-PKCS5v15(MD2,RC2/CBC) = PKCS5.4 -PBE-PKCS5v15(MD5,DES/CBC) = PKCS5.3 -PBE-PKCS5v15(MD5,RC2/CBC) = PKCS5.6 -PBE-PKCS5v15(SHA-160,DES/CBC) = PKCS5.10 -PBE-PKCS5v15(SHA-160,RC2/CBC) = PKCS5.11 -PBE-PKCS5v20 = PKCS5.13 -PKCS5.PBKDF2 = PKCS5.12 - -CMS.DataContent = PKCS7.1 -CMS.SignedData = PKCS7.2 -CMS.EnvelopedData = PKCS7.3 -CMS.DigestedData = PKCS7.5 -CMS.EncryptedData = PKCS7.6 -CMS.AuthenticatedData = PKCS9.16.1.2 -CMS.CompressedData = PKCS9.16.1.9 - -PKCS9.EmailAddress = PKCS9.1 -PKCS9.UnstructuredName = PKCS9.2 -PKCS9.ContentType = PKCS9.3 -PKCS9.MessageDigest = PKCS9.4 -PKCS9.ChallengePassword = PKCS9.7 -PKCS9.ExtensionRequest = PKCS9.14 - -X520.CommonName = DN_ATTR.3 -X520.Surname = DN_ATTR.4 -X520.SerialNumber = DN_ATTR.5 -X520.Country = DN_ATTR.6 -X520.Locality = DN_ATTR.7 -X520.State = DN_ATTR.8 -X520.Organization = DN_ATTR.10 -X520.OrganizationalUnit = DN_ATTR.11 -X520.Title = DN_ATTR.12 -X520.GivenName = DN_ATTR.42 -X520.Initials = DN_ATTR.43 -X520.GenerationalQualifier = DN_ATTR.44 -X520.DNQualifier = DN_ATTR.46 -X520.Pseudonym = DN_ATTR.65 - -X509v3.SubjectKeyIdentifier = X509_KU.14 -X509v3.KeyUsage = X509_KU.15 -X509v3.SubjectAlternativeName = X509_KU.17 -X509v3.IssuerAlternativeName = X509_KU.18 -X509v3.BasicConstraints = X509_KU.19 -X509v3.CRLNumber = X509_KU.20 -X509v3.ReasonCode = X509_KU.21 -X509v3.HoldInstructionCode = X509_KU.23 -X509v3.InvalidityDate = X509_KU.24 -X509v3.CertificatePolicies = X509_KU.32 -X509v3.AuthorityKeyIdentifier = X509_KU.35 -X509v3.PolicyConstraints = X509_KU.36 -X509v3.ExtendedKeyUsage = X509_KU.37 - -PKIX.ServerAuth = PKIX_USAGE.1 -PKIX.ClientAuth = PKIX_USAGE.2 -PKIX.CodeSigning = PKIX_USAGE.3 -PKIX.EmailProtection = PKIX_USAGE.4 -PKIX.IPsecEndSystem = PKIX_USAGE.5 -PKIX.IPsecTunnel = PKIX_USAGE.6 -PKIX.IPsecUser = PKIX_USAGE.7 -PKIX.TimeStamping = PKIX_USAGE.8 |