refactor(core): move all project libs into sub-project 'modules'

# Conflicts:
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/2.5.0/eidas-parent-2.5.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.0.0/eidas-commons-2.0.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.1.0/eidas-commons-2.1.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.1.0/eidas-commons-2.1.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.2.1-egiz/eidas-commons-2.2.1-egiz-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.2.1-egiz/eidas-commons-2.2.1-egiz.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.2.1-egiz/eidas-commons-2.2.1-egiz.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.3.0/eidas-commons-2.3.0-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.3.0/eidas-commons-2.3.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.3.0/eidas-commons-2.3.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.4.0/eidas-commons-2.4.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.4.0/eidas-commons-2.4.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0-javadoc.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.3.0/eidas-jcache-ignite-specific-communication-2.3.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.3.0/eidas-jcache-ignite-specific-communication-2.3.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.4.0/eidas-jcache-ignite-specific-communication-2.4.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.4.0/eidas-jcache-ignite-specific-communication-2.4.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0-javadoc.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.3.0/eidas-jcache-ignite-2.3.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.3.0/eidas-jcache-ignite-2.3.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.4.0/eidas-jcache-ignite-2.4.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.4.0/eidas-jcache-ignite-2.4.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0-javadoc.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.0.0/eidas-light-commons-2.0.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.1.0/eidas-light-commons-2.1.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.1.0/eidas-light-commons-2.1.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.2.1-egiz/eidas-light-commons-2.2.1-egiz-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.2.1-egiz/eidas-light-commons-2.2.1-egiz.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.2.1-egiz/eidas-light-commons-2.2.1-egiz.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.3.0/eidas-light-commons-2.3.0-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.3.0/eidas-light-commons-2.3.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.3.0/eidas-light-commons-2.3.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.4.0/eidas-light-commons-2.4.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.4.0/eidas-light-commons-2.4.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0-javadoc.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.0.0/eidas-parent-2.0.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.1.0/eidas-parent-2.1.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.2.1-egiz/eidas-parent-2.2.1-egiz.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.3.0/eidas-parent-2.3.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.4.0/eidas-parent-2.4.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.5.0/eidas-parent-2.5.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.0.0/eidas-specific-communication-definition-2.0.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.1.0/eidas-specific-communication-definition-2.1.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.1.0/eidas-specific-communication-definition-2.1.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.2.1-egiz/eidas-specific-communication-definition-2.2.1-egiz-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.2.1-egiz/eidas-specific-communication-definition-2.2.1-egiz.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.2.1-egiz/eidas-specific-communication-definition-2.2.1-egiz.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.3.0/eidas-specific-communication-definition-2.3.0-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.3.0/eidas-specific-communication-definition-2.3.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.3.0/eidas-specific-communication-definition-2.3.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.4.0/eidas-specific-communication-definition-2.4.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.4.0/eidas-specific-communication-definition-2.4.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0-javadoc.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0.pom
#	modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/NlEidProcessor.java
#	modules/authmodule_id-austria/checks/spotbugs-exclude.xml
#	modules/authmodule_id-austria/pom.xml
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/IdAustriaAuthConstants.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/IdAustriaAuthenticationSpringResourceProvider.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/IdAustriaEidasProxyAuthenticationModulImpl.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/builder/attributes/EidasConnecorUniqueIdAttributeBuilder.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/config/IdAustriaAuthMessageSource.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/config/IdAustriaAuthMetadataConfiguration.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/config/IdAustriaAuthRequestBuilderConfiguration.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/controller/IdAustriaAuthMetadataController.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/controller/IdAustriaAuthSignalController.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/utils/IdAustriaAuthCredentialProvider.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/utils/IdAustriaAuthMetadataProvider.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/utils/Utils.java
#	modules/authmodule_id-austria/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
#	modules/authmodule_id-austria/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
#	modules/authmodule_id-austria/src/main/resources/messages/idaustria_auth_messages.properties
#	modules/authmodule_id-austria/src/main/resources/process/id_austria.Authentication.process.xml
#	modules/authmodule_id-austria/src/main/resources/spring/id_austria_auth.beans.xml
#	modules/authmodule_id-austria/src/main/resources/spring/id_austria_task.beans.xml
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/IdAustriaAuthSpringResourceProviderTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/IdAustriaEidasProxyAuthenticationModulImplTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/builder/attributes/EidasConnecorUniqueIdAttributeBuilderTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/config/IdAustriaAuthMessageSourceTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/controller/IdAustriaAuthMetadataControllerFirstTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/controller/IdAustriaAuthSignalControllerTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/utils/IdAustriaAuthCredentialProviderTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/utils/IdAustriaAuthMetadataProviderFirstTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/utils/IdAustriaAuthMetadataProviderSecondTest.java
#	modules/authmodule_id-austria/src/test/resources/config/junit.jks
#	modules/authmodule_id-austria/src/test/resources/config/junit_config_1.properties
#	modules/authmodule_id-austria/src/test/resources/config/junit_test.jks
#	modules/authmodule_id-austria/src/test/resources/config/junit_test_no_trust_certs.jks
#	modules/authmodule_id-austria/src/test/resources/config/pvp.jks
#	modules/authmodule_id-austria/src/test/resources/config/pvp.p12
#	modules/authmodule_id-austria/src/test/resources/data/Response_with_EID.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_bpk_without_prefix.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_minimum.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_with_eid_sector_attr.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_with_mandate_jur.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_with_mandate_nat.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_wrong_data.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_with_wrong_destination_endpoint.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_without_sig_classpath_entityid.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_without_sig_with_error.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_without_sig_with_error_empty_subcode.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_without_sig_with_error_userstop.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_without_sig_with_error_without_subcode.xml
#	modules/authmodule_id-austria/src/test/resources/data/eidas_node_siging.crt
#	modules/authmodule_id-austria/src/test/resources/data/idp_metadata_classpath_entity.xml
#	modules/authmodule_id-austria/src/test/resources/data/idp_metadata_no_sig.xml
#	modules/authmodule_id-austria/src/test/resources/data/idp_metadata_no_sig2.xml
#	modules/authmodule_id-austria/src/test/resources/data/idp_metadata_sig_notvalid.xml
#	modules/authmodule_id-austria/src/test/resources/data/idp_metadata_sig_valid_wrong_alg.xml
#	modules/authmodule_id-austria/src/test/resources/data/junit_keystore_metadata.crt
#	modules/authmodule_id-austria/src/test/resources/data/junit_keystore_signing.crt
#	modules/authmodule_id-austria/src/test/resources/data/moa_sig_signing.crt
#	modules/authmodule_id-austria/src/test/resources/data/pvp_postbinding_template.html
#	modules/authmodule_id-austria/src/test/resources/data/sp_metadata_junit.xml
#	modules/authmodule_id-austria/src/test/resources/spring/SpringTest-context_basic_mapConfig.xml
#	modules/authmodule_id-austria/src/test/resources/spring/SpringTest-context_basic_test.xml
#	modules/authmodule_id-austria/src/test/resources/spring/SpringTest-context_lazy.xml
#	modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml
#	modules/eidas_proxy-sevice/pom.xml
#	modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/EidasProxyMessageSource.java
#	modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/MsProxyServiceConstants.java
#	modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/MsProxyServiceSpringResourceProvider.java
#	modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/exception/EidasProxyServiceException.java
#	modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/EidasProxyServiceController.java
#	modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java
#	modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServicePendingRequest.java
#	modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/utils/EidasProxyServiceUtils.java
#	modules/eidas_proxy-sevice/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
#	modules/eidas_proxy-sevice/src/main/resources/messages/eidasproxy_messages.properties
#	modules/eidas_proxy-sevice/src/main/resources/spring/eidas_proxy-service.beans.xml
#	modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/EidasProxyMessageSourceTest.java
#	modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/MsProxyServiceSpringResourceProviderTest.java
#	modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java
#	modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/ProxyServiceAuthenticationActionTest.java
#	modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml
#	modules/eidas_proxy-sevice/src/test/resources/config/eidas-attributes.xml
#	modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties
#	modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_mapConfig.xml
#	modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_test.xml

1 files changed, 0 insertions, 305 deletions

diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/JoseUtils.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/JoseUtils.java
deleted file mode 100644
index e81c4c92..00000000
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/JoseUtils.java
+++ /dev/null
@@ -1,305 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.utils;
-
-import at.gv.egiz.eaaf.core.exception.EaafKeyUsageException;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils;
-import at.gv.egiz.eaaf.core.impl.data.Pair;
-import at.gv.egiz.eaaf.core.impl.utils.X509Utils;
-import lombok.AllArgsConstructor;
-import lombok.Getter;
-import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang3.StringUtils;
-import org.jose4j.jca.ProviderContext;
-import org.jose4j.jwa.AlgorithmConstraints;
-import org.jose4j.jws.AlgorithmIdentifiers;
-import org.jose4j.jws.JsonWebSignature;
-import org.jose4j.jwx.Headers;
-import org.jose4j.jwx.JsonWebStructure;
-import org.jose4j.keys.resolvers.X509VerificationKeyResolver;
-import org.jose4j.lang.JoseException;
-import org.springframework.util.Base64Utils;
-
-import javax.annotation.Nonnull;
-import java.io.IOException;
-import java.security.Key;
-import java.security.KeyStore;
-import java.security.Provider;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-import java.security.interfaces.ECPrivateKey;
-import java.security.interfaces.RSAPrivateKey;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
-import java.util.Map.Entry;
-
-/**
- * {@link JoseUtils} provides static methods JWS and JWE processing.
- *
- * @author tlenz
- *
- */
-@Slf4j
-public class JoseUtils {
-
-  /**
-   * Create a JWS signature.
-   *
-   * <p>
-   * Use {@link AlgorithmIdentifiers.RSA_PSS_USING_SHA256} in case
-   * of a RSA based key and
-   * {@link AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256}
-   * in case of an ECC based key.
-   * </p>
-   *
-   * @param keyStore               KeyStore that should be used
-   * @param keyAlias               Alias of the private key
-   * @param keyPassword            Password to access the key
-   * @param payLoad                PayLoad to sign
-   * @param addFullCertChain       If true the full certificate chain will be
-   *                               added, otherwise only the
-   *                               X509CertSha256Fingerprint is added into JOSE
-   *                               header
-   * @param friendlyNameForLogging FriendlyName for the used KeyStore for logging
-   *                               purposes only
-   * @return Signed PayLoad in serialized form
-   * @throws EaafException In case of a key-access or key-usage error
-   * @throws JoseException In case of a JOSE error
-   */
-  public static String createSignature(@Nonnull Pair<KeyStore, Provider> keyStore,
-      @Nonnull final String keyAlias, @Nonnull final char[] keyPassword,
-      @Nonnull final String payLoad, boolean addFullCertChain,
-      @Nonnull String friendlyNameForLogging) throws EaafException, JoseException {
-    return createSignature(keyStore, keyAlias, keyPassword, payLoad, addFullCertChain, Collections.emptyMap(),
-        AlgorithmIdentifiers.RSA_PSS_USING_SHA256, AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256,
-        friendlyNameForLogging);
-
-  }
-
-  /**
-   * Create a JWS signature.
-   *
-   * <p>
-   * Use {@link AlgorithmIdentifiers.RSA_PSS_USING_SHA256} in case
-   * of a RSA based key and
-   * {@link AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256}
-   * in case of an ECC based key.
-   * </p>
-   *
-   * @param keyStore               KeyStore that should be used
-   * @param keyAlias               Alias of the private key
-   * @param keyPassword            Password to access the key
-   * @param payLoad                PayLoad to sign
-   * @param addFullCertChain       If true the full certificate chain will be
-   *                               added, otherwise only the
-   *                               X509CertSha256Fingerprint is added into JOSE
-   *                               header
-   * @param joseHeaders            HeaderName and HeaderValue that should be set
-   *                               into JOSE header
-   * @param friendlyNameForLogging FriendlyName for the used KeyStore for logging
-   *                               purposes only
-   * @return Signed PayLoad in serialized form
-   * @throws EaafException In case of a key-access or key-usage error
-   * @throws JoseException In case of a JOSE error
-   */
-  public static String createSignature(@Nonnull Pair<KeyStore, Provider> keyStore,
-      @Nonnull final String keyAlias, @Nonnull final char[] keyPassword,
-      @Nonnull final String payLoad, boolean addFullCertChain,
-      @Nonnull final Map<String, String> joseHeaders,
-      @Nonnull String friendlyNameForLogging) throws EaafException, JoseException {
-    return createSignature(keyStore, keyAlias, keyPassword, payLoad, addFullCertChain, joseHeaders,
-        AlgorithmIdentifiers.RSA_PSS_USING_SHA256, AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256,
-        friendlyNameForLogging);
-
-  }
-
-  /**
-   * Create a JWS signature.
-   *
-   * @param keyStore               KeyStore that should be used
-   * @param keyAlias               Alias of the private key
-   * @param keyPassword            Password to access the key
-   * @param payLoad                PayLoad to sign
-   * @param addFullCertChain       If true the full certificate chain will be
-   *                               added, otherwise only the
-   *                               X509CertSha256Fingerprint is added into JOSE
-   *                               header
-   * @param joseHeaders            HeaderName and HeaderValue that should be set
-   *                               into JOSE header
-   * @param rsaAlgToUse            Signing algorithm that should be used in case
-   *                               of a signing key based on RSA
-   * @param eccAlgToUse            Signing algorithm that should be used in case
-   *                               of a signing key based on ECC
-   * @param friendlyNameForLogging FriendlyName for the used KeyStore for logging
-   *                               purposes only
-   * @return Signed PayLoad in serialized form
-   * @throws EaafException In case of a key-access or key-usage error
-   * @throws JoseException In case of a JOSE error
-   */
-  public static String createSignature(@Nonnull Pair<KeyStore, Provider> keyStore,
-      @Nonnull final String keyAlias, @Nonnull final char[] keyPassword,
-      @Nonnull final String payLoad, boolean addFullCertChain,
-      @Nonnull final Map<String, String> joseHeaders,
-      @Nonnull final String rsaAlgToUse, @Nonnull final String eccAlgToUse,
-      @Nonnull String friendlyNameForLogging) throws EaafException, JoseException {
-
-    final JsonWebSignature jws = new JsonWebSignature();
-
-    // set payload
-    jws.setPayload(payLoad);
-
-    // set JOSE headers
-    for (final Entry<String, String> el : joseHeaders.entrySet()) {
-      log.trace("Set JOSE header: {} with value: {} into JWS", el.getKey(), el.getValue());
-      jws.setHeader(el.getKey(), el.getValue());
-
-    }
-
-    // set signing information
-    final Pair<Key, X509Certificate[]> signingCred = EaafKeyStoreUtils.getPrivateKeyAndCertificates(
-        keyStore.getFirst(), keyAlias, keyPassword, true, friendlyNameForLogging);
-    jws.setKey(signingCred.getFirst());
-    jws.setAlgorithmHeaderValue(getKeyOperationAlgorithmFromCredential(
-        jws.getKey(), rsaAlgToUse, eccAlgToUse, friendlyNameForLogging));
-
-    // set special provider if required
-    if (keyStore.getSecond() != null) {
-      log.trace("Injecting special Java Security Provider: {}", keyStore.getSecond().getName());
-      final ProviderContext providerCtx = new ProviderContext();
-      providerCtx.getSuppliedKeyProviderContext().setSignatureProvider(
-          keyStore.getSecond().getName());
-      jws.setProviderContext(providerCtx);
-
-    }
-
-    if (addFullCertChain) {
-      jws.setCertificateChainHeaderValue(signingCred.getSecond());
-
-    }
-
-    jws.setX509CertSha256ThumbprintHeaderValue(signingCred.getSecond()[0]);
-
-    return jws.getCompactSerialization();
-
-  }
-
-  /**
-   * Verify a JOSE signature.
-   *
-   * @param serializedContent Serialized content that should be verified
-   * @param trustedCerts      Trusted certificates that should be used for
-   *                          verification
-   * @param constraints       {@link AlgorithmConstraints} for verification
-   * @return {@link JwsResult} object
-   * @throws JoseException In case of a signature verification error
-   * @throws IOException   In case of a general error
-   */
-  public static JwsResult validateSignature(@Nonnull final String serializedContent,
-      @Nonnull final List<X509Certificate> trustedCerts, @Nonnull final AlgorithmConstraints constraints)
-      throws JoseException, IOException {
-    final JsonWebSignature jws = new JsonWebSignature();
-    // set payload
-    jws.setCompactSerialization(serializedContent);
-
-    // set security constrains
-    jws.setAlgorithmConstraints(constraints);
-
-    // load signinc certs
-    Key selectedKey = null;
-    final List<X509Certificate> x5cCerts = jws.getCertificateChainHeaderValue();
-    final String x5t256 = jws.getX509CertSha256ThumbprintHeaderValue();
-    if (x5cCerts != null) {
-      log.debug("Found x509 certificate in JOSE header ... ");
-      log.trace("Sorting received X509 certificates ... ");
-      final List<X509Certificate> sortedX5cCerts = X509Utils.sortCertificates(x5cCerts);
-
-      if (trustedCerts.contains(sortedX5cCerts.get(0))) {
-        selectedKey = sortedX5cCerts.get(0).getPublicKey();
-
-      } else {
-        log.info("Can NOT find JOSE certificate in truststore.");
-        if (log.isDebugEnabled()) {
-          try {
-            log.debug("Cert: {}", Base64Utils.encodeToString(sortedX5cCerts.get(0).getEncoded()));
-
-          } catch (final CertificateEncodingException e) {
-            log.warn("Can not create DEBUG output", e);
-
-          }
-        }
-      }
-
-    } else if (StringUtils.isNotEmpty(x5t256)) {
-      log.debug("Found x5t256 fingerprint in JOSE header .... ");
-      final X509VerificationKeyResolver x509VerificationKeyResolver = new X509VerificationKeyResolver(
-          trustedCerts);
-      selectedKey = x509VerificationKeyResolver.resolveKey(jws, Collections.<JsonWebStructure>emptyList());
-
-    } else {
-      throw new JoseException("JWS contains NO signature certificate or NO certificate fingerprint");
-
-    }
-
-    if (selectedKey == null) {
-      throw new JoseException("Can NOT select verification key for JWS. Signature verification FAILED");
-
-    }
-
-    // set verification key
-    jws.setKey(selectedKey);
-
-    // load payLoad
-    return new JwsResult(
-        jws.verifySignature(),
-        jws.getUnverifiedPayload(),
-        jws.getHeaders(),
-        x5cCerts);
-
-  }
-
-  /**
-   * Select signature algorithm for a given credential.
-   *
-   * @param key                    {@link X509Credential} that will be used for
-   *                               key operations
-   * @param rsaSigAlgorithm        RSA based algorithm that should be used in case
-   *                               of RSA credential
-   * @param ecSigAlgorithm         EC based algorithm that should be used in case
-   *                               of RSA credential
-   * @param friendlyNameForLogging KeyStore friendlyName for logging purposes
-   * @return either the RSA based algorithm or the EC based algorithm
-   * @throws EaafKeyUsageException In case of an unsupported private-key type
-   */
-  private static String getKeyOperationAlgorithmFromCredential(Key key,
-      String rsaSigAlgorithm, String ecSigAlgorithm, String friendlyNameForLogging)
-      throws EaafKeyUsageException {
-    if (key instanceof RSAPrivateKey) {
-      return rsaSigAlgorithm;
-
-    } else if (key instanceof ECPrivateKey) {
-      return ecSigAlgorithm;
-
-    } else {
-      log.warn("Could NOT select the cryptographic algorithm from Private-Key type");
-      throw new EaafKeyUsageException(EaafKeyUsageException.ERROR_CODE_01,
-          friendlyNameForLogging,
-          "Can not select cryptographic algorithm");
-
-    }
-
-  }
-
-  private JoseUtils() {
-
-  }
-
-  @Getter
-  @AllArgsConstructor
-  public static class JwsResult {
-    final boolean valid;
-    final String payLoad;
-    final Headers fullJoseHeader;
-    final List<X509Certificate> x5cCerts;
-
-  }
-}