From bebb31d692ba8dfaada7b6eb17e7f139789a17ac Mon Sep 17 00:00:00 2001 From: ferbas Date: Thu, 19 Nov 2009 14:29:53 +0000 Subject: configuration extension: internal vs. (old)external config file git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@456 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c --- src/main/resources/config/pdf-as.properties | 232 ++++++++++++++++++++++++++++ 1 file changed, 232 insertions(+) create mode 100644 src/main/resources/config/pdf-as.properties (limited to 'src/main/resources/config') diff --git a/src/main/resources/config/pdf-as.properties b/src/main/resources/config/pdf-as.properties new file mode 100644 index 0000000..c947551 --- /dev/null +++ b/src/main/resources/config/pdf-as.properties @@ -0,0 +1,232 @@ +############################################################################### +# PDF-AS system properties +############################################################################### + +normalizer.version=V01 + +# default cert algorithms +cert.alg.rsa=http://www.w3.org/2000/09/xmldsig#rsa-sha1 +cert.alg.ecdsa=http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1 + +# BKU Algorithm - Kennzeichnung +default.bku.algorithm.id=etsi-bka-1.0 + +# MOA Algorithm - Kennzeichnung +default.moa.algorithm.id=etsi-bka-moa-1.0 + +# MOCCA Algorithm - Kennzeichnung +default.moc.algorithm.id=etsi-moc-1.0 + +# SIGNATURE LAYOUTS +# signature layout for mocca without any signature layout declaration +signaturelayout.pattern.moc.none=^((citizen-card-environment/1\\.2 MOCCA(?!.*SignatureLayout/).*)|(Jetty\\(6\\.1\\.10\\)))$ +signaturelayout.implementation.moc.none=at.knowcenter.wag.egov.egiz.sig.signaturelayout.mocca.OldMOCCASignatureLayoutHandler + +# signature layout 1.0 for mocca +signaturelayout.pattern.moc.10=^citizen-card-environment/1\\.2 MOCCA/.*SignatureLayout/1\\.0.*$ +signaturelayout.implementation.moc.10=at.knowcenter.wag.egov.egiz.sig.signaturelayout.mocca.MOCCASignatureLayout10Handler + +# signature layout for supported trustDesk basic versions +signaturelayout.pattern.tdb=^citizen-card-environment/1\\.2 trustDeskbasic((-OSX)|(-Linux))?/((2\\.7\\.\\d)|(2\\.8\\.\\d))$ +signaturelayout.implementation.tdb=at.knowcenter.wag.egov.egiz.sig.signaturelayout.td.TrustDeskSignatureLayoutHandler + +# signature layout for supported A-Trust CCS +signaturelayout.pattern.atrust=^citizen-card-environment/1\\.2 atrustSecurityLayer/1\\.1\\.0$ +signaturelayout.implementation.atrust=at.knowcenter.wag.egov.egiz.sig.signaturelayout.atrust.ATrustSignatureLayoutHandler + + +############################################# +# Signaturdienste + +# BKU settings + +# default bku enveloping sign template file +bku.sign.request.base64=./templates/default.bku.sign.enveloping.xml + +# default bku detached sign template file +bku.sign.request.detached=./templates/default.bku.sign.detached.xml + +bku.verify.template.base64old=./templates/default.bku.verify.template.enveloping.old.xml + +# default bku enveloping verify template files +bku.verify.request.base64=./templates/default.bku.verify.request.enveloping.xml +bku.verify.template.base64=./templates/default.bku.verify.template.enveloping.xml + +# default bku detached verify template files +bku.verify.request.detached=./templates/default.bku.verify.request.detached.xml +bku.verify.template.detached=./templates/default.bku.verify.template.detached.xml + +# MOCCA settings + +# default MOCCA signature template +moc.sign.request.detached=./templates/default.moc.sign.detached.xml + +# MOCCA verification +# default MOCCA verify template +moc.verify.template.detached=./templates/default.moc.verify.template.detached.xml + +# A1 settings + +a1.sign.url=https://signatur.a1.net/http-security-layer-request +a1.sign.request=./templates/BKUSignRequestB64.xml +a1.sign.KeyboxIdentifier=SecureSignatureKeypair + +a1.verify.url=https://signatur.a1.net/http-security-layer-request +a1.verify.request=./templates/BKUVerifyRequest.xml +a1.verify.template=./templates/BKUVerifyTemplateB64.xml +a1.verify.template.SP=./templates/BKUVerifyTemplateSP.xml + +# MOA Settings + +# default moa enveloping sign template file +moa.sign.request.base64=./templates/default.moa.sign.enveloping.xml +# default moa detached sign template file +moa.sign.request.detached=./templates/default.moa.sign.detached.xml + +# default moa enveloping verify template files +moa.verify.request.base64=./templates/default.moa.verify.request.enveloping.xml +moa.verify.template.base64=./templates/default.moa.verify.template.enveloping.xml + +# default moa detached verify template files +moa.verify.request.detached=./templates/default.moa.verify.request.detached.xml +moa.verify.template.detached=./templates/default.moa.verify.template.detached.xml + +############################################# +# start LDAP-Mappings +# note: ldap_mapping.xxx.serial_attr may be omitted if value is "eidCertificateSerialNumber" + +# A-Trust +ldap_mapping.asign_prem_sig01.issuer_name=CN=a-sign-Premium-Sig-01,OU=a-sign-Premium-Sig-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT +ldap_mapping.asign_prem_sig01.url=ldap://ldap.a-trust.at/ou=a-sign-Premium-Sig-01,o=A-Trust,c=at +ldap_mapping.asign_prem_sig01.serial_attr=eidCertificateSerialNumber + +ldap_mapping.asign_prem_sig02.issuer_name=CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT +ldap_mapping.asign_prem_sig02.url=ldap://ldap.a-trust.at/ou=a-sign-Premium-Sig-02,o=A-Trust,c=at +ldap_mapping.asign_prem_sig02.serial_attr=eidCertificateSerialNumber + +ldap_mapping.asign_prem_test_sig01.issuer_name=CN=a-sign-Premium-Test-Sig-01,OU=a-sign-Premium-Test-Sig-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT +ldap_mapping.asign_prem_test_sig01.url=ldap://ldap-test.a-trust.at/ou=a-sign-Premium-Test-Sig-01,o=A-Trust,c=at +ldap_mapping.asign_prem_test_sig01.serial_attr=eidCertificateSerialNumber + +ldap_mapping.asign_prem_test_sig02.issuer_name=CN=a-sign-Premium-Test-Sig-02,OU=a-sign-Premium-Test-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT +ldap_mapping.asign_prem_test_sig02.url=ldap://ldap-test.a-trust.at/ou=a-sign-Premium-Test-Sig-02,o=A-Trust,c=at +ldap_mapping.asign_prem_test_sig02.serial_attr=eidCertificateSerialNumber + +ldap_mapping.asign_prem_test_sig03.issuer_name=CN=a-sign-Premium-Test-Sig-03,OU=a-sign-Premium-Test-Sig-03,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT +ldap_mapping.asign_prem_test_sig03.url=ldap://ldap-test.a-trust.at/ou=a-sign-Premium-Test-Sig-03,o=A-Trust,c=at +ldap_mapping.asign_prem_test_sig03.serial_attr=eidCertificateSerialNumber + +ldap_mapping.asign_prem_enc01.issuer_name=CN=a-sign-Premium-Enc-01,OU=a-sign-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT +ldap_mapping.asign_prem_enc01.url=ldap://ldap.a-trust.at/ou=a-sign-Premium-Enc-01,o=A-Trust,c=at +ldap_mapping.asign_prem_enc01.serial_attr=eidCertificateSerialNumber + +ldap_mapping.asign_prem_enc02.issuer_name=CN=a-sign-Premium-Enc-02,OU=a-sign-Premium-Enc-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT +ldap_mapping.asign_prem_enc02.url=ldap://ldap.a-trust.at/ou=a-sign-Premium-Enc-02,o=A-Trust,c=at +ldap_mapping.asign_prem_enc02.serial_attr=eidCertificateSerialNumber + +ldap_mapping.asign_token_sig02.issuer_name=CN=a-sign-Token-Sig-02,OU=a-sign-Token-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT +ldap_mapping.asign_token_sig02.url=ldap://ldap.a-trust.at/ou=a-sign-Token-Sig-02,o=A-Trust,c=at +ldap_mapping.asign_token_sig02.serial_attr=eidCertificateSerialNumber + +ldap_mapping.asign_token_enc02.issuer_name=CN=a-sign-Token-Enc-02,OU=a-sign-Token-Enc-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT +ldap_mapping.asign_token_enc02.url=ldap://ldap.a-trust.at/ou=a-sign-Token-Enc-02,o=A-Trust,c=at +ldap_mapping.asign_token_enc02.serial_attr=eidCertificateSerialNumber + +ldap_mapping.asign_token_sig01.issuer_name=CN=a-sign-Token-Sig-01,OU=a-sign-Token-Sig-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT +ldap_mapping.asign_token_sig01.url=ldap://ldap.a-trust.at/ou=a-sign-Token-Sig-01,o=A-Trust,c=at +ldap_mapping.asign_token_sig01.serial_attr=eidCertificateSerialNumber + +ldap_mapping.asign_token_enc01.issuer_name=CN=a-sign-Token-Enc-01,OU=a-sign-Token-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT +ldap_mapping.asign_token_enc01.url=ldap://ldap.a-trust.at/ou=a-sign-Token-Enc-01,o=A-Trust,c=at +ldap_mapping.asign_token_enc01.serial_attr=eidCertificateSerialNumber + +ldap_mapping.asign_corp_light01.issuer_name=CN=a-sign-corporate-light-01,OU=a-sign-corporate-light-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT +ldap_mapping.asign_corp_light01.url=ldap://ldap.a-trust.at/ou=a-sign-corporate-light-01,o=A-Trust,c=at +ldap_mapping.asign_corp_light01.serial_attr=eidCertificateSerialNumber + +ldap_mapping.asign_corp_light02.issuer_name=CN=a-sign-corporate-light-02,OU=a-sign-corporate-light-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT +ldap_mapping.asign_corp_light02.url=ldap://ldap.a-trust.at/ou=a-sign-corporate-light-02,o=A-Trust,c=at +ldap_mapping.asign_corp_light02.serial_attr=eidCertificateSerialNumber + +ldap_mapping.asign_corp_light03.issuer_name=CN=a-sign-corporate-light-03,OU=a-sign-corporate-light-03,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT +ldap_mapping.asign_corp_light03.url=ldap://ldap.a-trust.at/ou=a-sign-corporate-light-03,o=A-Trust,c=at +ldap_mapping.asign_corp_light03.serial_attr=eidCertificateSerialNumber + +# Hauptverband +ldap_mapping.ecard_vs_ca02.issuer_name=C=AT,O=Hauptverband österr. Sozialvers.,CN=VSig CA 2 +ldap_mapping.ecard_vs_ca02.url=ldap://ldap.ecard.sozialversicherung.at/ou=VSig CA 2,o=Hauptverband österr. Sozialvers.,c=at +ldap_mapping.ecard_vs_ca02.serial_attr=serialNumber + +# A-CERT +ldap_mapping.acert_freecert.issuer_name=EMAIL=-,CN=FREECERT,O=ARGE DATEN - Oesterreichische Gesellschaft fuer Datenschutz,L=Wien,ST=-,C=AT +ldap_mapping.acert_freecert.url=ldap://ldap.a-cert.at/ou=A-CERT FREECERT,o=A-CERT,c=AT +ldap_mapping.acert_freecert.serial_attr=serialNumber + +ldap_mapping.acert_globaltrust_neu.issuer_name=EMAIL=info@a-cert.at,CN=A-CERT GLOBALTRUST,O=ARGE DATEN - Austrian Society for Data Protection and Privacy,L=Vienna,ST=-,C=AT +ldap_mapping.acert_globaltrust_neu.url=ldap://ldap.a-cert.at/ou=A-CERT GLOBALTRUST NEU,o=A-CERT,c=AT +ldap_mapping.acert_globaltrust_neu.serial_attr=serialNumber + +ldap_mapping.acert_government.issuer_name=EMAIL=a-cert@a-cert.at,CN=A-CERT GOVERNMENT,O=ARGE DATEN - Österreichische Gesellschaft für Datenschutz,L=Wien,ST=Wien,C=AT +ldap_mapping.acert_government.url=ldap://ldap.a-cert.at/ou=A-CERT GOVERNMENT,o=A-CERT,c=AT +ldap_mapping.acert_government.serial_attr=serialNumber + +ldap_mapping.acert_advanced.issuer_name=EMAIL=info@a-cert.at,CN=A-CERT ADVANCED,OU=A-CERT Certification Service,O=ARGE DATEN - Austrian Society for Data Protection,L=Vienna,ST=Austria,C=AT +ldap_mapping.acert_advanced.url=ldap://ldap.a-cert.at/ou=A-CERT ADVANCED,o=A-CERT,c=AT +ldap_mapping.acert_advanced.serial_attr=serialNumber + +ldap_mapping.acert_globaltrust.issuer_name=EMAIL=a-cert@argedaten.at,O=Arge Daten Oesterreichische Gesellschaft fuer Datenschutz,L=Vienna,ST=Austria,C=AT +ldap_mapping.acert_globaltrust.url=ldap://ldap.a-cert.at/ou=A-CERT GLOBALTRUST,o=A-CERT,c=AT +ldap_mapping.acert_globaltrust.serial_attr=serialNumber + +ldap_mapping.acert_company.issuer_name=EMAIL=info@a-cert.at,CN=A-CERT ADVANCED,OU=A-CERT Certification Service,O=ARGE DATEN - Austrian Society for Data Protection,L=Vienna,ST=Austria,C=AT +ldap_mapping.acert_company.url=ldap://ldap.a-cert.at/ou=A-CERT COMPANY,o=A-CERT,c=AT +ldap_mapping.acert_company.serial_attr=serialNumber + +ldap_mapping.globaltrust.issuer_name=EMAIL=info@globaltrust.info,CN=GLOBALTRUST,OU=GLOBALTRUST Certification Service,O=ARGE DATEN - Austrian Society for Data Protection,ST=Austria,L=Vienna,C=AT +ldap_mapping.globaltrust.url=ldap://ldap.a-cert.at/ou=GLOBALTRUST,o=A-CERT,c=AT +ldap_mapping.globaltrust.serial_attr=serialNumber + +ldap_mapping.acert_client.issuer_name=EMAIL=a-cert@a-cert.at,CN=A-CERT CLIENT,O=ARGE DATEN - Oesterreichische Gesellschaft fuer Datenschutz,L=Wien,ST=Wien,C=AT +ldap_mapping.acert_client.url=ldap://ldap.a-cert.at/ou=A-CERT CLIENT,o=A-CERT,c=AT +ldap_mapping.acert_client.serial_attr=serialNumber + +ldap_mapping.globaltrust_demointern.issuer_name=EMAIL=a-cert@a-cert.at,CN=GLOBALTRUST DEMOINTERN,O=ARGE DATEN - Österreichische Gesellschaft für Datenschutz,L=Wien,ST=Wien,C=AT +ldap_mapping.globaltrust_demointern.url=ldap://ldap.a-cert.at/ou=GLOBALTRUST DEMOINTERN,o=A-CERT,c=AT +ldap_mapping.globaltrust_demointern.serial_attr=serialNumber + +ldap_mapping.acert_government2.issuer_name=EMAIL=a-cert@a-cert.at,CN=A-CERT GOVERNMENT,O=ARGE DATEN - Österreichische Gesellschaft für Datenschutz,L=Wien,ST=Wien,C=AT +ldap_mapping.acert_government2.url=ldap://ldap.a-cert.at/ou=A-CERT GOVERNMENT 2,o=A-CERT,c=AT +ldap_mapping.acert_government2.serial_attr=serialNumber + +ldap_mapping.acert_company2.issuer_name=EMAIL=info@globaltrust.info,CN=GLOBALTRUST,OU=GLOBALTRUST Certification Service,O=ARGE DATEN - Austrian Society for Data Protection,ST=Austria,L=Vienna,C=AT +ldap_mapping.acert_company2.url=ldap://ldap.a-cert.at/ou=A-CERT COMPANY 2,o=A-CERT,c=AT +ldap_mapping.acert_company2.serial_attr=serialNumber + +ldap_mapping.acert_government3.issuer_name=EMAIL=info@globaltrust.eu,CN=A-CERT GOVERNMENT,O=ARGE DATEN - Österreichische Gesellschaft für Datenschutz,L=Wien,ST=Wien,C=AT +ldap_mapping.acert_government3.url=ldap://ldap.a-cert.at/ou=A-CERT GOVERNMENT 3,o=A-CERT,c=AT +ldap_mapping.acert_government3.serial_attr=serialNumber + +ldap_mapping.acert_advanced2.issuer_name=EMAIL=info@globaltrust.eu,CN=A-CERT ADVANCED,O=e-commerce monitoring GmbH,L=Wien,C=AT +ldap_mapping.acert_advanced2.url=ldap://ldap.a-cert.at/ou=A-CERT ADVANCED 2,o=A-CERT,c=AT +ldap_mapping.acert_advanced2.serial_attr=serialNumber + +ldap_mapping.acert_client2.issuer_name=EMAIL=info@globaltrust.eu,CN=A-CERT CLIENT,O=e-commerce monitoring GmbH,L=Wien,C=AT +ldap_mapping.acert_client2.url=ldap://ldap.a-cert.at/ou=A-CERT CLIENT 2,o=A-CERT,c=AT +ldap_mapping.acert_client2.serial_attr=serialNumber + +ldap_mapping.acert_advanced3.issuer_name=EMAIL=info@globaltrust.eu,CN=A-CERT ADVANCED,O=ARGE DATEN - Austrian Society for Data Protection and Privacy,L=Vienna,C=AT +ldap_mapping.acert_advanced3.url=ldap://ldap.a-cert.at/ou=A-CERT ADVANCED 3,o=A-CERT,c=AT +ldap_mapping.acert_advanced3.serial_attr=serialNumber + +ldap_mapping.acert_client3.issuer_name=EMAIL=info@globaltrust.eu,CN=A-CERT CLIENT,O=ARGE DATEN - Austrian Society for Data Protection and Privacy,L=Vienna,C=AT +ldap_mapping.acert_client3.url=ldap://ldap.a-cert.at/ou=A-CERT CLIENT 3,o=A-CERT,c=AT +ldap_mapping.acert_client3.serial_attr=serialNumber + +ldap_mapping.dtrust_qual.issuer_name=CN=D-TRUST Qualified CA 3 2007:PN,O=D-Trust GmbH,C=DE +ldap_mapping.dtrust_qual.url=ldap://directory.d-trust.net:389/cn=D-TRUST Qualified CA 3 2007:PN,o=D-Trust GmbH,c=DE +ldap_mapping.dtrust_qual.serial_attr=uid + + +# end LDAP-Mappings +############################################# + -- cgit v1.2.3