aboutsummaryrefslogtreecommitdiff
path: root/release-infos/handbook/conf/moa-spss/svaconfig.example
diff options
context:
space:
mode:
authorThomas <>2021-03-24 12:16:25 +0100
committerThomas <>2021-03-24 12:16:25 +0100
commit835a395f3ecb7477b5b67e9da9bf3af58c86473a (patch)
tree916fa7705879063f6b83517d80197c37dc53caf8 /release-infos/handbook/conf/moa-spss/svaconfig.example
parenta972fba0402eca3c5fcfcd1eef1979808fd716a1 (diff)
parent666d8c9f8cec7573e60a14ab039c0874f6a9ec53 (diff)
downloadmoa-sig-835a395f3ecb7477b5b67e9da9bf3af58c86473a.tar.gz
moa-sig-835a395f3ecb7477b5b67e9da9bf3af58c86473a.tar.bz2
moa-sig-835a395f3ecb7477b5b67e9da9bf3af58c86473a.zip
Merge branch 'master' of gitlab.iaik.tugraz.at:egiz/moa-sig
# Conflicts: # moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java # moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
Diffstat (limited to 'release-infos/handbook/conf/moa-spss/svaconfig.example')
-rw-r--r--release-infos/handbook/conf/moa-spss/svaconfig.example97
1 files changed, 97 insertions, 0 deletions
diff --git a/release-infos/handbook/conf/moa-spss/svaconfig.example b/release-infos/handbook/conf/moa-spss/svaconfig.example
new file mode 100644
index 0000000..7be4541
--- /dev/null
+++ b/release-infos/handbook/conf/moa-spss/svaconfig.example
@@ -0,0 +1,97 @@
+# Format [key]=[value]
+#
+# Note that if an '=' is used in a key or value it has to be escaped: "\="
+
+##################### WebConfig #######################
+
+#The path to the sva configuration file
+#svaconfig=/data/sigval/incoming/svaconfig
+
+#The directories where to store the collected testdata
+#testdir=/data/sigval/incoming/test/
+
+#The basepath for signature validation
+#basepath=/data/sigval/incoming
+
+######################################################
+
+#The path prefix for all file system locations
+pathprefix=/home/user/example/prefix
+
+#The file where the xmldsig core schema is located
+xmlschemaloc=schema/xmldsig-core-schema.xsd
+
+#The root folder where truststore and certstore are created later on
+certroot=certs/example
+
+#The folder containing the trustanchors
+trustanchorloc=certs/example/trustanchors
+
+#The folder containing the timestampauthority trustanchors
+tsttrustanchorloc=certs/example/tstanchor
+
+#The folder containing alternative revocation information (comment out to use
+#infos contained in the certificate)
+#altdp=certs/example/revocation
+
+#The maximum age of a revocation information of a end user certificate in hours
+endusercertgrace=4382
+
+#The maximum age of a revocation information for a ca certificate in hours
+cacertgrace=4382
+
+tstcoherencetolerance=10
+
+#The maximum time difference (in hours) the signing-time property and a
+#time stamp
+#timestampdelay=24
+
+# Defines the forbidden hashing algorithms and the inception date
+# Format: {<algorithm name>, <inception date>};{<algname 2>, <inc date 2>}...
+hashconstraint={md5, 2000-08-08};{sha1, 2013-08-08}
+
+# Defines the minimum required key lengths
+# Format: {<algorithm name>, <min len>,<inception date>};{...}...
+keylenconstraint={rsa, 1024, 2000-08-08}
+
+# Defines the minimum required key lengths for CA Certificates
+# Format: {<algorithm name>, <min len>,<inception date>};{...}...
+cakeylenconstraint={rsa,512,2000-08-08}
+
+# Defines the minimum required key lengths for timestamps
+# Format: {<algorithm name>, <min len>,<inception date>};{...}...
+tstkeylenconstraint={rsa, 1024, 2000-08-08}
+
+# Defines the mapping from sub indications to main indications.
+# If a sub indication1 is not present or empty, the default mappings are used.
+# See "Final draft ETSI EN 319 102-1 V1.1.0 (2016-02)"
+# Format: {<sub indication1>, <main indication1>};{...}...
+indicationmapping={FORMAT_FAILURE,INDETERMINATE};{NO_VALID_TIMESTAMPS_FOUND, INDETERMINATE}
+
+# Allows any key usage if set to true, otherwise only dig. signature
+allowanykeyusage=false
+
+# Defines the chaining model for path validation.
+# possible values are:
+# - All certificates are valid at validationtime (SHELL model). This is the default value.
+# - All certificates are valid at the time they were used for issuing a certificate or signing (CHAIN model).
+chainingmodel=shell
+
+# Defines if the validation of each timestap should be added to the validation report.
+# If set to true, the timestamp validation reports will be added. Default value is true.
+timestampreports=true
+
+# defines the bits which HAS TO be set in the key usage field of the
+# end users certificate. The valid bits (from RFC5280) to set are as follows:
+# (if omitted or empty it defaults to DIGITAL_SIGNATURE):
+# digitalSignature (0),
+# contentCommitment (1)
+# dataEncipherment (3),
+# keyAgreement (4),
+# keyCertSign (5),
+# cRLSign (6),
+# encipherOnly (7),
+# decipherOnly (8)
+
+# Format: {<index of bit to set>; ...}
+keyusage = {0, 1} \ No newline at end of file