sbl − sbl input file (Secure Basic Launcher) configuration files are stylized Java property files using the UTF-8 character set with an end of line indicated by a carriage return followed by a line feed. While the file name extension is the file type can be determined by their first line:

#(!m.T application/vnd.bzdev.sblauncher)

which encodes the file’s media type (MIME type). The remainder of the file contains a key given as a qualified name, followed by an "=", and finally followed by a value. If the key starts with "base64", the value is URL-safe base-64 encoded with no line breaks. Similarly if the key starts with "ebase64", the value is encrypted with GPG and then encoded using the URL-safe base-64 encoding. There are several reserved keys (property names): A base-64 encoded value That consists of the GPG key IDs used to encrypt the values of keys, with each pair of GPG key IDs separated by a NEWLINE character. A user-specified title to display for this file. The public key. The GPG-encrypted private key The file name for an additional trust store to use in addition to the Java "cacerts" default. A trust store contains self-signed certificates that are deemed to be trusted for signing other certificates. This entry is useful for software testing. The password for the trust store file. The value is if a self-signed server’s certificate can be automatically accepted; otherwise. The value is if the server can be found on the loopback interface; otherwise. This option was provided mainly for stand-alone testing. The remaining keys are partially user-specified. For each name that user chooses, the corresponding keys are The value is a textual description for this entry. The value is the type of the passphrase generated The value is the user-supplied password, which is automatically provided when add-entry option is used. In an SBL file, these values are encoded as the integers 0, 1, 2, or 3 respectively. The value is the URI used to find a protected part of a web site, a URL that represents a directory or some similar URL/URI path component. It should end with the character which will append if necessary when its "add entry" function is used to set up a new entry. The value is the URI used to find a web site. It should start with the value of when generating this field, the program will ask the user for a relative path and query, and that will be appended to the string which is expanded to the value of corresponding to the key NAME.base, when "add entry" function is used to set up a new entry. The value is the user’s login name for this web site. For keys that do not start with or when a value contains that expression will be replaced with the value corresponding to The escape sequence is treated as a single Substitutions are not performed when an SBL file is being edited by the program When a JSON object is produced by the object will be printed to standard output is a JSON object with two name-value pairs with the following keys: The value is a JSON object The value is an SBL file that is Base-64 encoded and contains the fields used by a client. For the key, the value is a JSON object with the following keys: A title for this object The base-64 encoded public key for a user. The decoded value specifies a signature algorithm and a PEM-encoded public key. A user name, where is an identifier specifying a group of entries. is a password, base64 encoded, where is an identifier specifying a group of entries. The base URI, where is an identifier specifying a group of entries. The description for this server + base, where is an identifier specifying a group of entries. The mode as an integer (this will frequently be "2" indicating the enumeration constant defined by the enumeration where is an identifier specifying a group of entries. When an SBL file is provided by a server, it will contain two additional fields This field will have the value indicating that the file was download from a server, will generally not be modified, and that SBL can use a simplified user interface. This field contains a Base-64 encoded SHA-256 message digest covering the PEM formated private key (including the signature algoritm), the password, the mode (as a small integer as described above), the user name, the base URI, and the URI to visit when logging in. The digest is encrypted using GPG or PGP. Since the digest covers fields that a third party cannot read, a "man in the middle" cannot alter the fields in an SBL file used to estabilish a connection and authorize a user without the alteration being detected. When an account is being created, one can request data from the server, and that data will be returned as an SBL file. In this case, the fields in this SBL file are The values are described above. When present, the value will always be The value is either in which case a GPG key should be uploaded or in which case an SBL file providing the user name, password, and public key should be uploaded. This field lists the recipients that can decrypt a GPG encrypted value. This field provides the user name This provides the ’base’ URL - basically the common portion of URLs that should be authenticated This field provides the remainder of a path to add to the base to indicate the URL to use to log in or set up an account. (a ’/’ will be automatically added to the base URL if the base URL does not end in a ’/’). Fields such as and/or may also be present, primarily during testing, and a digest field is not provided.