diff options
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src')
5 files changed, 363 insertions, 33 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java index a3d28304..d004ac0e 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java @@ -139,7 +139,6 @@ public class SZRClient { //build response log.trace(new String(szrResponse)); - log.trace("Signature successfully created. Extracting from MOA-SS container."); // ok, we have success Document doc = DOMUtils.parseDocument( diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java index 6f069596..01af6b00 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java @@ -22,13 +22,23 @@ *******************************************************************************/ package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.when; + import java.io.IOException; import java.security.InvalidKeyException; import java.security.MessageDigest; import java.security.NoSuchProviderException; import java.util.List; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; + import org.apache.commons.lang3.StringUtils; +import org.junit.BeforeClass; +import org.junit.Ignore; +import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; import org.slf4j.Logger; @@ -40,6 +50,8 @@ import org.springframework.util.Base64Utils; import org.w3._2000._09.xmldsig.KeyValueType; import org.w3c.dom.Element; +import com.skjolberg.mockito.soap.SoapServiceRule; + import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SZRCommunicationException; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException; @@ -53,8 +65,10 @@ import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; import at.gv.egiz.eaaf.core.exceptions.EAAFParserException; import at.gv.egiz.eaaf.core.impl.data.Trible; import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; +import szrservices.GetIdentityLinkEidasResponse; import szrservices.IdentityLinkType; import szrservices.PersonInfoType; +import szrservices.SZR; import szrservices.SZRException_Exception; import szrservices.TravelDocumentType; @@ -77,35 +91,20 @@ public class SZRClientTest { private static final String DUMMY_TARGET = EAAFConstants.URN_PREFIX_CDID + "ZP"; - @Test - public void dummyTest() { - - } - - - /* - * getIdentityLink without RAW mode does not contain a valid signature - */ - //@Test -// public void getIdentityLink() throws SZRException_Exception, EAAFParserException, NoSuchProviderException, IOException, InvalidKeyException, eIDASAuthenticationException { -// log.debug("Starting connecting SZR Gateway"); -// IdentityLinkType result = szrClient.getIdentityLink( -// getPersonInfo(), -// dummyCodeForKeys(), -// basicConfig.getBasicMOAIDConfigurationBoolean( -// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_INSERTERNB, -// true) -// ); -// -// Element idlFromSZR = (Element)result.getAssertion(); -// IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSZR).parseIdentityLink(); -// if (identityLink == null) -// throw new SZRCommunicationException("ernb.00", new Object[] {"bPK is null or empty"}); -// -// } + @BeforeClass + public static void classInitializer() throws IOException { + final String current = new java.io.File( "." ).toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties"); + + } + @Rule + public SoapServiceRule soap = SoapServiceRule.newInstance(); + @Test - public void getIdentityLinkRawMode() throws SZRException_Exception, EAAFParserException, NoSuchProviderException, IOException, InvalidKeyException, eIDASAuthenticationException { + public void getIdentityLinkRawMode() throws SZRException_Exception, EAAFParserException, NoSuchProviderException, IOException, InvalidKeyException, eIDASAuthenticationException, JAXBException { + setSZRResponse("/data/szr/szr_resp_valid_1.xml", "http://localhost/demoszr"); + log.debug("Starting connecting SZR Gateway"); IdentityLinkType result = szrClient.getIdentityLinkInRawMode( getPersonInfo()); @@ -143,7 +142,8 @@ public class SZRClientTest { } -// @Test + @Ignore + @Test public void getbPKTest() throws SZRException_Exception, eIDASAuthenticationException { String bPK = szrClient.getBPK(getPersonInfo(), DUMMY_TARGET, basicConfig.getBasicConfiguration( @@ -156,6 +156,21 @@ public class SZRClientTest { } + private void setSZRResponse(String responseXmlPath, String serviceURL) throws JAXBException, SZRException_Exception { + final SZR szrServiceMock = soap.mock(SZR.class, serviceURL); + final JAXBContext jaxbContext = JAXBContext.newInstance( + szrservices.ObjectFactory.class, + org.xmlsoap.schemas.ws._2002._04.secext.ObjectFactory.class, + org.w3._2001._04.xmldsig_more.ObjectFactory.class, + org.w3._2000._09.xmldsig.ObjectFactory.class, + at.gv.egov.pvp1.ObjectFactory.class, + at.gv.e_government.reference.namespace.persondata._20020228.ObjectFactory.class); + final Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller(); + final GetIdentityLinkEidasResponse szrResponse= (GetIdentityLinkEidasResponse) jaxbUnmarshaller.unmarshal(this.getClass().getResourceAsStream(responseXmlPath)); + when(szrServiceMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenReturn(szrResponse.getGetIdentityLinkReturn()); + + } + private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException { try { MessageDigest md = MessageDigest.getInstance("SHA-256"); @@ -234,4 +249,25 @@ public class SZRClientTest { return null; } + + /* + * getIdentityLink without RAW mode does not contain a valid signature + */ + //@Test +// public void getIdentityLink() throws SZRException_Exception, EAAFParserException, NoSuchProviderException, IOException, InvalidKeyException, eIDASAuthenticationException { +// log.debug("Starting connecting SZR Gateway"); +// IdentityLinkType result = szrClient.getIdentityLink( +// getPersonInfo(), +// dummyCodeForKeys(), +// basicConfig.getBasicMOAIDConfigurationBoolean( +// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_INSERTERNB, +// true) +// ); +// +// Element idlFromSZR = (Element)result.getAssertion(); +// IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSZR).parseIdentityLink(); +// if (identityLink == null) +// throw new SZRCommunicationException("ernb.00", new Object[] {"bPK is null or empty"}); +// +// } } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTestProduction.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTestProduction.java new file mode 100644 index 00000000..065c13f8 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTestProduction.java @@ -0,0 +1,239 @@ +/******************************************************************************* + * Copyright 2018 A-SIT Plus GmbH + * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, + * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "License"); + * You may not use this work except in compliance with the License. + * You may obtain a copy of the License at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2; + +import java.io.IOException; +import java.security.InvalidKeyException; +import java.security.MessageDigest; +import java.security.NoSuchProviderException; +import java.util.List; + +import org.apache.commons.lang3.StringUtils; +import org.junit.Ignore; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.util.Base64Utils; +import org.w3._2000._09.xmldsig.KeyValueType; +import org.w3c.dom.Element; + +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SZRCommunicationException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils; +import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType; +import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType; +import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; +import at.gv.egiz.eaaf.core.exceptions.EAAFParserException; +import at.gv.egiz.eaaf.core.impl.data.Trible; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; +import szrservices.IdentityLinkType; +import szrservices.PersonInfoType; +import szrservices.SZRException_Exception; +import szrservices.TravelDocumentType; + +@Ignore +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration("/SpringTest-context_basic_test.xml") +public class SZRClientTestProduction { + private static final Logger log = LoggerFactory.getLogger(SZRClientTestProduction.class); + + @Autowired SZRClient szrClient; + @Autowired IConfiguration basicConfig; + + private static final String givenName = "Franz"; + private static final String familyName = "Mustermann"; + private static final String dateOfBirth = "1989-05-05"; + private static final String eIDASeID = "IS/AT/1234sdgsdfg56789ABCDEF"; + + //Dummy public RSA Key + private static final String PUBKEY_EXPONENT = "AQAB"; + private static final String PUBKEY_MODULUS = "AJZyj/+sdCMDRq9RkvbFcgSTVn/OfS8EUE81ddwP8MNuJ1kd1SWBUJPaQX2JLJHrL54mkOhrkhH2M/zcuOTu8nW9TOEgXGjrRB/0HpiYKpV+VDJViyyc/GacNLxN4Anw4pima6gHYaJIw9hQkL/nuO2hyh8PGJd7rxeFXJmbLy+X"; + + private static final String DUMMY_TARGET = EAAFConstants.URN_PREFIX_CDID + "ZP"; + + @Test + public void dummyTest() { + + } + + + /* + * getIdentityLink without RAW mode does not contain a valid signature + */ + //@Test +// public void getIdentityLink() throws SZRException_Exception, EAAFParserException, NoSuchProviderException, IOException, InvalidKeyException, eIDASAuthenticationException { +// log.debug("Starting connecting SZR Gateway"); +// IdentityLinkType result = szrClient.getIdentityLink( +// getPersonInfo(), +// dummyCodeForKeys(), +// basicConfig.getBasicMOAIDConfigurationBoolean( +// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_INSERTERNB, +// true) +// ); +// +// Element idlFromSZR = (Element)result.getAssertion(); +// IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSZR).parseIdentityLink(); +// if (identityLink == null) +// throw new SZRCommunicationException("ernb.00", new Object[] {"bPK is null or empty"}); +// +// } + + @Test + public void getIdentityLinkRawMode() throws SZRException_Exception, EAAFParserException, NoSuchProviderException, IOException, InvalidKeyException, eIDASAuthenticationException { + log.debug("Starting connecting SZR Gateway"); + IdentityLinkType result = szrClient.getIdentityLinkInRawMode( + getPersonInfo()); + + Element idlFromSZR = (Element)result.getAssertion(); + IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSZR).parseIdentityLink(); + + if (identityLink == null) + throw new SZRCommunicationException("ernb.00", new Object[] {"NO IDL object"}); + + System.out.println(identityLink.getSerializedSamlAssertion()); + + if (StringUtils.isEmpty(identityLink.getFamilyName())) + throw new SZRCommunicationException("ernb.00", new Object[] {"NO FamilyName from IDL"}); + + if (StringUtils.isEmpty(identityLink.getGivenName())) + throw new SZRCommunicationException("ernb.00", new Object[] {"NO GivenName from IDL"}); + + if (StringUtils.isEmpty(identityLink.getDateOfBirth())) + throw new SZRCommunicationException("ernb.00", new Object[] {"NO DateOfBirthName from IDL"}); + + if (StringUtils.isEmpty(identityLink.getIdentificationType())) + throw new SZRCommunicationException("ernb.00", new Object[] {"NO baseIdType from IDL"}); + + if (StringUtils.isEmpty(identityLink.getIdentificationValue())) + throw new SZRCommunicationException("ernb.00", new Object[] {"NO baseId from IDL"}); + + if (StringUtils.isEmpty(identityLink.getSerializedSamlAssertion())) + throw new SZRCommunicationException("ernb.00", new Object[] {"NO serialized IDL"}); + + if (identityLink.getSamlAssertion() == null ) + throw new SZRCommunicationException("ernb.00", new Object[] {"NO raw IDL"}); + + + + } + +// @Test + public void getbPKTest() throws SZRException_Exception, eIDASAuthenticationException { + String bPK = szrClient.getBPK(getPersonInfo(), DUMMY_TARGET, + basicConfig.getBasicConfiguration( + Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, + "no VKZ defined")); + + if (StringUtils.isEmpty(bPK)) + throw new SZRCommunicationException("ernb.01", new Object[] {"bPK is null or empty"}); + + + } + + private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException { + try { + MessageDigest md = MessageDigest.getInstance("SHA-256"); + byte[] hash = md.digest(uniqueId.getBytes("UTF-8")); + String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", ""); + return hashBase64; + + } catch (Exception ex) { + throw new eIDASAuthenticationException("internal.03", new Object[]{}, ex); + + } + } + + private PersonInfoType getPersonInfo() throws eIDASAuthenticationException { + PersonInfoType personInfo = new PersonInfoType(); + PersonNameType personName = new PersonNameType(); + PhysicalPersonType naturalPerson = new PhysicalPersonType(); + TravelDocumentType eDocument = new TravelDocumentType(); + + naturalPerson.setName(personName ); + personInfo.setPerson(naturalPerson ); + personInfo.setTravelDocument(eDocument ); + + //parse some eID attributes + Trible<String, String, String> eIdentifier = + eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIDASeID); + String uniqueId = createHashFromUniqueId(eIdentifier.getThird()); + String citizenCountry = eIdentifier.getFirst(); + + //person information + personName.setFamilyName((String)familyName); + personName.setGivenName((String)givenName); + naturalPerson.setDateOfBirth(dateOfBirth); + eDocument.setIssuingCountry(citizenCountry); + eDocument.setDocumentNumber(uniqueId); + + //eID document information + eDocument.setDocumentType(basicConfig.getBasicConfiguration( + Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE, + Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE)); + + //TODO: that should be removed +// eDocument.setIssueDate(basicConfig.getBasicConfiguration( +// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE)); +// eDocument.setIssuingAuthority(basicConfig.getBasicConfiguration( +// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY)); + + return personInfo; + } + + + private List<KeyValueType> dummyCodeForKeys() throws IOException, NoSuchProviderException, InvalidKeyException { +// if (basicConfig.getBasicMOAIDConfigurationBoolean( +// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY, +// false)) { +// List<KeyValueType> keyvalueList = new ArrayList<KeyValueType>(); +// try { +// // set key values +// RSAKeyValueType rsa = new RSAKeyValueType(); +// rsa.setExponent(PUBKEY_EXPONENT); +// rsa.setModulus(PUBKEY_MODULUS); +// +// KeyValueType key = new KeyValueType(); +// key.setRSAKeyValue(rsa); +// keyvalueList.add(key); +// +// return keyvalueList; +// } catch (Exception e) { +// log.error("TestCode has an internal ERROR", e); +// throw e; +// +// } +// +// } + + return null; + + } +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASAttributePostProcessingTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASAttributePostProcessingTest.java index ed09ea2d..72ad708e 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASAttributePostProcessingTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/eIDASAttributePostProcessingTest.java @@ -24,11 +24,13 @@ package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2; import static org.junit.Assert.fail; +import java.io.IOException; import java.text.SimpleDateFormat; import java.util.HashMap; import java.util.Map; import org.joda.time.DateTime; +import org.junit.BeforeClass; import org.junit.Test; import org.junit.runner.RunWith; import org.springframework.beans.factory.annotation.Autowired; @@ -101,10 +103,14 @@ public class eIDASAttributePostProcessingTest { private static final String P2_PLACEOFBIRTH = "Nirgendwo"; private static final String P2_BIRTHNAME = "Musterkind"; - @Test - public void dummyTest() { - - } + + @BeforeClass + public static void classInitializer() throws IOException { + final String current = new java.io.File( "." ).toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties"); + + } + @Test public void DEWithHexLowerCase() throws Exception { diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_1.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_1.xml new file mode 100644 index 00000000..c376caef --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_1.xml @@ -0,0 +1,50 @@ +<ns6:GetIdentityLinkEidasResponse xmlns="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:ns2="http://egov.gv.at/pvp1.xsd" xmlns:ns3="http://www.w3.org/2000/09/xmldsig#" xmlns:ns4="http://www.w3.org/2001/04/xmldsig-more#" xmlns:ns5="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns6="urn:SZRServices"><ns6:GetIdentityLinkReturn><ns6:PersonInfo><ns6:Person><Identification><Value>k+zDM1BVpN1WJO4x7ZQ3ng==</Value><Type>urn:publicid:gv.at:baseid</Type></Identification><Name><GivenName>Franz</GivenName><FamilyName>Mustermann</FamilyName></Name><Sex>unknown</Sex><DateOfBirth>1989-05-05</DateOfBirth></ns6:Person></ns6:PersonInfo><ns6:Assertion><saml:Assertion xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" AssertionID="szr.bmi.gv.at-AssertionID15650069652921" IssueInstant="2019-08-05T14:09:25+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0"> + <saml:AttributeStatement> + <saml:Subject> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod> + <saml:SubjectConfirmationData> + <pr:Person si:type="pr:PhysicalPersonType"><pr:Identification><pr:Value>k+zDM1BVpN1WJO4x7ZQ3ng==</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type></pr:Identification><pr:Name><pr:GivenName>Hans</pr:GivenName><pr:FamilyName primary="undefined">Mustermann</pr:FamilyName></pr:Name><pr:DateOfBirth>1989-05-05</pr:DateOfBirth></pr:Person> + </saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + </saml:AttributeStatement> + <dsig:Signature> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <dsig:Reference URI=""> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> + <dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath> + </dsig:Transform> + <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>GZjlsEXIhUPBSbOR1R8P4dzRJHE=</dsig:DigestValue> + </dsig:Reference> + <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest"> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>lCnWsFICFg0ogj0Ha7++Y9gyOQg=</dsig:DigestValue> + </dsig:Reference> + </dsig:SignedInfo> + <dsig:SignatureValue> + a6tPfkdriEzAyQh2jU3/4j48baaPnY/i510OHx0vwHRvXLz80UyZzffdmtaRuk3iHVxgUMd9 + Ld0DLsRt6tFJiPLyBCo0QCuqaOwgTcuUI3Ku/oySpqMjqug3AMdrhxW2j41yQlzvkjiZTT4j + zQ9GHFnZnnob0+bBflqIjZOl4xc= + </dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIICTzCCAbigAwIBAgIBADANBgkqhkiG9w0BAQUFADATMREwDwYDVQQDEwhTWlJQRVJTQjAeFw0wNTA3MDEwMDAwMDBaFw00MDEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCFNaUlBFUlNCMIIBHzANBgkqhkiG9w0BAQEFAAOCAQwAMIIBBwKBgQDGNmo9LOohefioGreKU6j6R05jUwHuddziSOQPolmMSXQG6NnnlLQaITv7BEmFj+EBqaOc+891wgZCRvNA2h+fHdJ69QXi/xjCovJI5SHh9jA+ssqhZ68iXOZHPq4WeegtYiYyJaRxWF+iPLqSm+bknS/KuBUcZol9SM3r6CMf0wKBgHytGrIelzc9ZN97VYXLkOJxi4TNSSj3Q/1TIC0s+HSzjbD694Y6ufINpR+IQm5epLTdXx9Dxv19bYnsLEIt0niMd2Cnm1DxXe8iNaDzpWec7fbRT6vDBwtTnyQkGfu2GGF3nSvVZ5AUDbLdAfZLOlbwsZmPnWU1zktSkLgKnT2XozIwMDAuBglghkgBhvhCAQ0EIRMfQ3JlYXRlZCBieSB6L09TIElDU0YgLSBIQ1I3NzgwIDANBgkqhkiG9w0BAQUFAAOBgQBwPc3l/Qf4myH8rsAAM5HqdCR68bMegWgNVxlPNl5DNJEE2hbPhIJ/K6TF6cjROYKDVuQ/+drtsZcrEOaqhqD3qw7MXAiT9GurV99YM/qTBsMy13yjU3LqeFX25Om8JlccGF5G+iHrVjfNQEUocGnGxCAPMlBvGwia4JjJcIPx7Q==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo> + <dsig:Object> + <dsig:Manifest Id="manifest"> + <dsig:Reference URI=""> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> + <dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath> + </dsig:Transform> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>SbpaaSlLolEX5D9P7HyTPnImvns=</dsig:DigestValue> + </dsig:Reference> + </dsig:Manifest> + </dsig:Object> + </dsig:Signature> +</saml:Assertion></ns6:Assertion><ns6:AdditionalInfo>ERN</ns6:AdditionalInfo></ns6:GetIdentityLinkReturn></ns6:GetIdentityLinkEidasResponse>
\ No newline at end of file |