aboutsummaryrefslogtreecommitdiff
path: root/id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2020-04-06 10:22:31 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2020-04-06 10:22:31 +0200
commitaebaed0e889413491b5769babf39a200bd312992 (patch)
treeed6f6e115272ef918e16eda464cc8c3ba6b1fe0f /id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml
parentf88e1049d4e22d4d4a168a30a997a479564aa7ff (diff)
parente82fd34793ae92e755f6b203fbcad53ee3d9581e (diff)
downloadmoa-id-spss-aebaed0e889413491b5769babf39a200bd312992.tar.gz
moa-id-spss-aebaed0e889413491b5769babf39a200bd312992.tar.bz2
moa-id-spss-aebaed0e889413491b5769babf39a200bd312992.zip
Merge branch 'current_development' into development_preview
# Conflicts: # id/history.txt
Diffstat (limited to 'id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml')
-rw-r--r--id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml40
1 files changed, 40 insertions, 0 deletions
diff --git a/id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml b/id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml
new file mode 100644
index 000000000..46052053a
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id/eIDAS/EncryptModule.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SWModule encrypt with JKS.</comment>
+
+ <entry key="check_certificate_validity_period">false</entry>
+ <entry key="disallow_self_signed_certificate">false</entry>
+ <entry key="response.encryption.mandatory">false</entry>
+
+ <!-- Data Encryption algorithm -->
+ <entry key="data.encryption.algorithm">http://www.w3.org/2009/xmlenc11#aes256-gcm</entry>
+
+ <!-- Decryption algorithm Whitelist-->
+ <entry key="encryption.algorithm.whitelist">
+ http://www.w3.org/2009/xmlenc11#aes128-gcm;
+ http://www.w3.org/2009/xmlenc11#aes256-gcm;
+ http://www.w3.org/2009/xmlenc11#aes192-gcm
+ </entry>
+
+ <!-- Key Encryption algorithm -->
+ <entry key="key.encryption.algorithm">http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p</entry>
+
+ <entry key="keyStorePath">keys/eidasKeyStore.jks</entry>
+ <entry key="keyStoreType">JKS</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+
+ <!-- Management of the encryption activation -->
+ <entry key="encryptionActivation">eIDAS/encryptionConf.xml</entry>
+
+ <entry key="responseToPointIssuer.BE">CN=local-demo-cert, OU=DIGIT, O=European Comission, L=Brussels, ST=Belgium,C=BE</entry>
+ <entry key="responseToPointSerialNumber.BE">54C8F779</entry>
+
+ <!-- If not present then no decryption will be applied on response -->
+ <entry key="responseDecryptionIssuer">CN=local-demo-cert, OU=DIGIT, O=European Comission, L=Brussels, ST=Belgium, C=BE</entry>
+ <entry key="serialNumber">54C8F779</entry>
+
+
+</properties> \ No newline at end of file