# Can be : ALL, DEBUG, INFO, WARN, ERROR, FATAL, OFF eparapher.log.level=INFO #eparapher.personal-safe.local.path= ########################### ### Keystore settings ### ########################### # Keystore settings # SunMSCAPI (Windows only) # PKCS11 (need PKCS11 shared library, .dll or.so ) # JKS (All OS/JVM) # JCEKS (All OS/JVM) # PKCS12 (All OS/JVM) # BKS (All OS/JVM) # UBER (All OS/JVM) # CMSKS (All OS, need IBM JVM) eparapher.keystore.type=BKS eparapher.keystore.signature.alias=signature eparapher.keystore.authentication.alias=authentication eparapher.keystore.encryption.alias=encryption # File Keystore settings eparapher.keystore.file.path=./src/test/resources/keystore.p12 eparapher.keystore.file.passphrase=Password01! eparapher.safe.file=target/safe/safe.zip.raes eparapher.safe.archive.detector=zip|tzp|zip.rae|zip.raes eparapher.safe.aes.file=target/safe/safe.encrypted.key eparapher.safe.aes.keylength=128 # PKCS11 Keystore settings eparapher.keystore.pkcs11.config-file=${home}/.eParapher/pkcs11-config.cfg eparapher.keystore.pkcs11.library.path=c:\\Program Files\\Gemalto\\ACS\\5.3\\xltCk.dll #first slot is 0 for SunPKCS11 and 1 for IBMPKCS11 eparapher.keystore.pkcs11.slot-id=0 #the tracking thread is checking the smartcard each X ms, where X is defined below eparapher.keystore.pkcs11.tracking.sleep=500L # Security Policy for PIN and/or Passphrase eparapher.security.policy.secret.check=true eparapher.security.policy.secret.length.min.check=true eparapher.security.policy.secret.length.min=8 eparapher.security.policy.secret.lowercase.min.check=true eparapher.security.policy.secret.lowercase.min=1 eparapher.security.policy.secret.number.min.check=true eparapher.security.policy.secret.number.min=1 eparapher.security.policy.secret.special-char.min.check=true eparapher.security.policy.secret.special-char.min=1 eparapher.security.policy.secret.uppercase.min.check=true eparapher.security.policy.secret.uppercase.min=1 ############################ ### Signature settings ### ############################ eparapher.signature.input.file.overwrite= eparapher.signature.crl.add=false eparapher.signature.timestamp.add=false eparapher.signature.timestamp.server.url=http://tsp.iaik.at/tsp/TspRequest # CMS Signature (see RFC ) # Detached signature flag : # true : generate a p7m file that contains data + signature # false : generate a p7s file that contains signatures only eparapher.signature.cms.detached=true eparapher.signature.cms.hash.oid=2.16.840.1.101.3.4.2.1 # 0->Not certified, # 1->Certified : no changes allowed # 2->Certified : form filling # 3->Certified : form filling and annotations eparapher.signature.pdf.certification=1 # PPKLite -> Self signed (Adobe.PPKLite) # PPKVS -> VeriSign plug-in (VeriSign.PPKVS) # PPKMS -> Windows Certificate Security (Adobe.PPKMS) eparapher.signature.pdf.format=PPKMS eparapher.signature.pdf.location=Paris, France eparapher.signature.pdf.reason=Je suis l'auteur eparapher.signature.pdf.multiplesign=true eparapher.signature.pdf.input-file.replace=false eparapher.signature.pdf.newfile.append=.signed eparapher.signature.pdf.image.path=${home}/.eParapher/pdfsignature.png eparapher.signature.pdf.image.page=1 #Image size in percent eparapher.signature.pdf.image.scale=100 eparapher.signature.pdf.image.left.x=400 eparapher.signature.pdf.image.left.y=100 eparapher.signature.pdf.image.right.x=550 eparapher.signature.pdf.image.right.y=250 # Digest algorithm value must be one of those : # * http://www.w3.org/2000/09/xmldsig#sha1 # * http://www.w3.org/2001/04/xmlenc#sha256 # * http://www.w3.org/2001/04/xmlenc#sha512 # * http://www.w3.org/2001/04/xmlenc#ripemd160 eparapher.signature.xml.dsig.digest.algorithm=http://www.w3.org/2001/04/xmlenc#sha256 # Signature algorithm value must be one of those : # * DSA_SHA1 : http://www.w3.org/2000/09/xmldsig#dsa-sha1 # * RSA_SHA1 : http://www.w3.org/2000/09/xmldsig#rsa-sha1 # * HMAC_SHA1 : http://www.w3.org/2000/09/xmldsig#hmac-sha1 eparapher.signature.xml.dsig.signature.algorithm=http://www.w3.org/2000/09/xmldsig#rsa-sha1 eparapher.signature.xml.dsig.objectid= # Canonicalization methods must be one of those : # INCLUSIVE : http://www.w3.org/TR/2001/REC-xml-c14n-20010315 # INCLUSIVE_WITH_COMMENTS : http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments # EXCLUSIVE : http://www.w3.org/2001/10/xml-exc-c14n# # EXCLUSIVE_WITH_COMMENTS : http://www.w3.org/2001/10/xml-exc-c14n#WithComments eparapher.signature.xml.dsig.canonicalization=http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments # Transform must be one of those : # * BASE64 : http://www.w3.org/2000/09/xmldsig#enveloped-signature # * XPATH : http://www.w3.org/TR/1999/REC-xpath-19991116 # * XPATH2 : http://www.w3.org/2002/06/xmldsig-filter2 # * XSLT : http://www.w3.org/TR/1999/REC-xslt-19991116 eparapher.signature.xml.dsig.transform=http://www.w3.org/2000/09/xmldsig#enveloped-signature # Signature Format value is Detached, Enveloped or Enveloping eparapher.signature.xml.dsig.format=Enveloped eparapher.signature.xml.dsig.input.file.replace=false eparapher.signature.xml.dsig.dtd.check=false eparapher.openoffice.binary.path=/usr/lib64/openoffice/program eparapher.openoffice.binary.params= eparapher.openoffice.server.local=true eparapher.openoffice.server.local.autostart=true eparapher.openoffice.library.path=/usr/lib64/openoffice/ #forced to 127.0.0.1 if eparapher.openoffice.server.local set to true eparapher.openoffice.server.ip=127.0.0.1 eparapher.openoffice.server.port=38756 #AES 256 CBC : 2.16.840.1.101.3.4.1.42 #AES 192 CBC : 2.16.840.1.101.3.4.1.22 #AES 128 CBC : 2.16.840.1.101.3.4.1.2 eparapher.encryption.cms.key.algorithm=2.16.840.1.101.3.4.1.2 eparapher.encryption.cms.key.size=256 #single file path. PEM file that contains a list of recovery certificates eparapher.encryption.cms.recovery.cert= eparapher.encryption.key.algorithm=AES eparapher.encryption.key.size=256