# Format [key]=[value] # # Note that if an '=' is used in a key or value it has to be escaped: "\=" ##################### WebConfig ####################### #The path to the sva configuration file #svaconfig=/data/sigval/incoming/svaconfig #The directories where to store the collected testdata #testdir=/data/sigval/incoming/test/ #The basepath for signature validation #basepath=/data/sigval/incoming ###################################################### #The path prefix for all file system locations pathprefix=/home/user/example/prefix #The file where the xmldsig core schema is located xmlschemaloc=schema/xmldsig-core-schema.xsd #The root folder where truststore and certstore are created later on certroot=certs/example #The folder containing the trustanchors trustanchorloc=certs/example/trustanchors #The folder containing the timestampauthority trustanchors tsttrustanchorloc=certs/example/tstanchor #The folder containing alternative revocation information (comment out to use #infos contained in the certificate) #altdp=certs/example/revocation #The maximum age of a revocation information of a end user certificate in hours endusercertgrace=4382 #The maximum age of a revocation information for a ca certificate in hours cacertgrace=4382 tstcoherencetolerance=10 #The maximum time difference (in hours) the signing-time property and a #time stamp #timestampdelay=24 # Defines the forbidden hashing algorithms and the inception date # Format: {, };{, }... hashconstraint={md5, 2000-08-08};{sha1, 2013-08-08} # Defines the minimum required key lengths # Format: {, ,};{...}... keylenconstraint={rsa, 1024, 2000-08-08} # Defines the minimum required key lengths for CA Certificates # Format: {, ,};{...}... cakeylenconstraint={rsa,512,2000-08-08} # Defines the minimum required key lengths for timestamps # Format: {, ,};{...}... tstkeylenconstraint={rsa, 1024, 2000-08-08} # Defines the mapping from sub indications to main indications. # If a sub indication1 is not present or empty, the default mappings are used. # See "Final draft ETSI EN 319 102-1 V1.1.0 (2016-02)" # Format: {,
};{...}... indicationmapping={FORMAT_FAILURE,INDETERMINATE};{NO_VALID_TIMESTAMPS_FOUND, INDETERMINATE} # Allows any key usage if set to true, otherwise only dig. signature allowanykeyusage=false # Defines the chaining model for path validation. # possible values are: # - All certificates are valid at validationtime (SHELL model). This is the default value. # - All certificates are valid at the time they were used for issuing a certificate or signing (CHAIN model). chainingmodel=shell # Defines if the validation of each timestap should be added to the validation report. # If set to true, the timestamp validation reports will be added. Default value is true. timestampreports=true # defines the bits which HAS TO be set in the key usage field of the # end users certificate. The valid bits (from RFC5280) to set are as follows: # (if omitted or empty it defaults to DIGITAL_SIGNATURE): # digitalSignature (0), # contentCommitment (1) # dataEncipherment (3), # keyAgreement (4), # keyCertSign (5), # cRLSign (6), # encipherOnly (7), # decipherOnly (8) # Format: {; ...} keyusage = {0, 1}