authorThomas Lenz <tlenz@iaik.tugraz.at>2018-06-12 12:59:02 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2018-06-12 12:59:02 +0200
commitf27c63abbac1316da256ab3c7e49ebe449afb469 (patch)
tree6b736a41506d32c7e05a45829433a8c26312cd34
parent92982d1ee7f13e5206ea192776b0a042d2ddea2f (diff)
update XAdES scheme 1.3.2 and 1.4.1
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java4
-rw-r--r--id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.4.1.xsd15
-rw-r--r--id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES01903v132-201601.xsd (renamed from id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.3.2.xsd)125
-rw-r--r--id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES01903v141-201601.xsd64
4 files changed, 162 insertions, 46 deletions
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java
index c94222ea0..47abbf29a 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java
@@ -281,7 +281,7 @@ public interface Constants {
/** Local location of the XAdES v1.1.1 schema definition */
public static final String XADES_1_3_2_SCHEMA_LOCATION =
- SCHEMA_ROOT + "XAdES-1.3.2.xsd";
+ SCHEMA_ROOT + "XAdES01903v132-201601.xsd";
/** URI of the XAdES v1.3.2 namespace */
public static final String XADES_1_3_2_NS_URI = "http://uri.etsi.org/01903/v1.3.2#";
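Review bot: The Javadoc directly above `XADES_1_3_2_SCHEMA_LOCATION` still reads "XAdES v1.1.1", which matches neither the constant name nor the file it now points to. Since this declaration is being touched anyway, the comment should become `/** Local location of the XAdES v1.3.2 schema definition */`. The enclosing `Constants` interface starts and ends outside the hunk, so it is not visible whether other schema constants carry the same copied comment.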
@@ -290,7 +290,7 @@ public interface Constants {
/** Local location of the XAdES v1.4.1 schema definition */
public static final String XADES_1_4_1_SCHEMA_LOCATION =
- SCHEMA_ROOT + "XAdES-1.4.1.xsd";
+ SCHEMA_ROOT + "XAdES01903v141-201601.xsd";
/** URI of the XAdES v1.4.1 namespace */
public static final String XADES_1_4_1_NS_URI = "http://uri.etsi.org/01903/v1.4.1#";
diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.4.1.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.4.1.xsd
deleted file mode 100644
index 274dbdca1..000000000
--- a/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.4.1.xsd
+++ /dev/null
@@ -1,15 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.4.1#" xmlns="http://uri.etsi.org/01903/v1.4.1#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" elementFormDefault="qualified">
- <xsd:import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="XAdES-1.3.2.xsd"/>
- <!-- Start CertificateValues -->
- <xsd:element name="TimeStampValidationData" type="ValidationDataType"/>
- <xsd:complexType name="ValidationDataType">
- <xsd:sequence>
- <xsd:element ref="xades:CertificateValues" minOccurs="0" />
- <xsd:element ref="xades:RevocationValues" minOccurs="0" />
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- <xsd:attribute name="UR" type="xsd:anyURI" use="optional"/>
- </xsd:complexType>
- <xsd:element name="ArchiveTimeStampV2" type="xades:XAdESTimeStampType"/>
-</xsd:schema>
diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.3.2.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES01903v132-201601.xsd
index b05691515..e7a5f3a02 100644
--- a/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.3.2.xsd
+++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES01903v132-201601.xsd
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.3.2#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://uri.etsi.org/01903/v1.3.2#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified">
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/xmldsig-core-schema.xsd"/>
<!-- Start auxiliary types definitions: AnyType, ObjectIdentifierType,
EncapsulatedPKIDataType and containers for time-stamp tokens -->
<!-- Start AnyType -->
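Review bot: The `xsd:import` for the XML-DSig namespace now carries an absolute `http://www.w3.org/...` `schemaLocation`, where the previous copy pointed at the bundled `xmldsig-core-schema.xsd`. The new `XAdES01903v141-201601.xsd` does the same for both of its imports, including the 1.3.2 schema that ships in the same directory. Unless the schema loader (not visible in this commit) resolves imports by namespace to the local resources, compiling these schemas would fetch them over plain HTTP, so signature-schema validation would depend on network reachability and on an unauthenticated download. Either confirm that a local resource resolver is always installed and external schema access is restricted on the factory (for JAXP, `XMLConstants.ACCESS_EXTERNAL_SCHEMA`), or keep the local form: `schemaLocation="xmldsig-core-schema.xsd"` here and `schemaLocation="XAdES01903v132-201601.xsd"` in the 1.4.1 file.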
@@ -125,8 +125,8 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
<xsd:element name="QualifyingProperties" type="QualifyingPropertiesType"/>
<xsd:complexType name="QualifyingPropertiesType">
<xsd:sequence>
- <xsd:element name="SignedProperties" type="SignedPropertiesType" minOccurs="0"/>
- <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" minOccurs="0"/>
+ <xsd:element ref="SignedProperties" minOccurs="0"/>
+ <xsd:element ref="UnsignedProperties" minOccurs="0"/>
</xsd:sequence>
<xsd:attribute name="Target" type="xsd:anyURI" use="required"/>
<xsd:attribute name="Id" type="xsd:ID" use="optional"/>
@@ -136,8 +136,8 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
<xsd:element name="SignedProperties" type="SignedPropertiesType"/>
<xsd:complexType name="SignedPropertiesType">
<xsd:sequence>
- <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType" minOccurs="0"/>
- <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType" minOccurs="0"/>
+ <xsd:element ref="SignedSignatureProperties" minOccurs="0"/>
+ <xsd:element ref="SignedDataObjectProperties" minOccurs="0"/>
</xsd:sequence>
<xsd:attribute name="Id" type="xsd:ID" use="optional"/>
</xsd:complexType>
@@ -146,21 +146,26 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
<xsd:element name="UnsignedProperties" type="UnsignedPropertiesType"/>
<xsd:complexType name="UnsignedPropertiesType">
<xsd:sequence>
- <xsd:element name="UnsignedSignatureProperties" type="UnsignedSignaturePropertiesType" minOccurs="0"/>
- <xsd:element name="UnsignedDataObjectProperties" type="UnsignedDataObjectPropertiesType" minOccurs="0"/>
+ <xsd:element ref="UnsignedSignatureProperties" minOccurs="0"/>
+ <xsd:element ref="UnsignedDataObjectProperties" minOccurs="0"/>
</xsd:sequence>
<xsd:attribute name="Id" type="xsd:ID" use="optional"/>
</xsd:complexType>
<!-- End UnsignedProperties-->
<!-- Start SignedSignatureProperties-->
+ <!-- Definition changed: added new optional children for EN -->
<xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType"/>
<xsd:complexType name="SignedSignaturePropertiesType">
<xsd:sequence>
- <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
- <xsd:element name="SigningCertificate" type="CertIDListType" minOccurs="0"/>
- <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType" minOccurs="0"/>
- <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType" minOccurs="0"/>
- <xsd:element name="SignerRole" type="SignerRoleType" minOccurs="0"/>
+ <xsd:element ref="SigningTime" minOccurs="0"/>
+ <xsd:element ref="SigningCertificate" minOccurs="0"/>
+ <xsd:element ref="SigningCertificateV2" minOccurs="0"/>
+ <xsd:element ref="SignaturePolicyIdentifier" minOccurs="0"/>
+ <xsd:element ref="SignatureProductionPlace" minOccurs="0"/>
+ <xsd:element ref="SignatureProductionPlaceV2" minOccurs="0"/>
+ <xsd:element ref="SignerRole" minOccurs="0"/>
+ <xsd:element ref="SignerRoleV2" minOccurs="0"/>
+ <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
<xsd:attribute name="Id" type="xsd:ID" use="optional"/>
</xsd:complexType>
@@ -169,10 +174,11 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
<xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType"/>
<xsd:complexType name="SignedDataObjectPropertiesType">
<xsd:sequence>
- <xsd:element name="DataObjectFormat" type="DataObjectFormatType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="AllDataObjectsTimeStamp" type="XAdESTimeStampType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="IndividualDataObjectsTimeStamp" type="XAdESTimeStampType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element ref="DataObjectFormat" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element ref="CommitmentTypeIndication" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element ref="AllDataObjectsTimeStamp" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element ref="IndividualDataObjectsTimeStamp" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
<xsd:attribute name="Id" type="xsd:ID" use="optional"/>
</xsd:complexType>
@@ -181,19 +187,19 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
<xsd:element name="UnsignedSignatureProperties" type="UnsignedSignaturePropertiesType"/>
<xsd:complexType name="UnsignedSignaturePropertiesType">
<xsd:choice maxOccurs="unbounded">
- <xsd:element name="CounterSignature" type="CounterSignatureType"/>
- <xsd:element name="SignatureTimeStamp" type="XAdESTimeStampType"/>
- <xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType"/>
- <xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType"/>
- <xsd:element name="AttributeCertificateRefs" type="CompleteCertificateRefsType"/>
- <xsd:element name="AttributeRevocationRefs" type="CompleteRevocationRefsType"/>
- <xsd:element name="SigAndRefsTimeStamp" type="XAdESTimeStampType"/>
- <xsd:element name="RefsOnlyTimeStamp" type="XAdESTimeStampType"/>
- <xsd:element name="CertificateValues" type="CertificateValuesType"/>
- <xsd:element name="RevocationValues" type="RevocationValuesType"/>
- <xsd:element name="AttrAuthoritiesCertValues" type="CertificateValuesType"/>
- <xsd:element name="AttributeRevocationValues" type="RevocationValuesType"/>
- <xsd:element name="ArchiveTimeStamp" type="XAdESTimeStampType"/>
+ <xsd:element ref="CounterSignature"/>
+ <xsd:element ref="SignatureTimeStamp"/>
+ <xsd:element ref="CompleteCertificateRefs"/>
+ <xsd:element ref="CompleteRevocationRefs"/>
+ <xsd:element ref="AttributeCertificateRefs"/>
+ <xsd:element ref="AttributeRevocationRefs"/>
+ <xsd:element ref="SigAndRefsTimeStamp"/>
+ <xsd:element ref="RefsOnlyTimeStamp"/>
+ <xsd:element ref="CertificateValues"/>
+ <xsd:element ref="RevocationValues"/>
+ <xsd:element ref="AttrAuthoritiesCertValues"/>
+ <xsd:element ref="AttributeRevocationValues"/>
+ <xsd:element ref="ArchiveTimeStamp"/>
<xsd:any namespace="##other"/>
</xsd:choice>
<xsd:attribute name="Id" type="xsd:ID" use="optional"/>
@@ -240,6 +246,21 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
</xsd:sequence>
</xsd:complexType>
<!-- End SigningCertificate -->
+ <!-- Start SigningCertificateV2 and CertIDListV2Type -->
+ <xsd:element name="SigningCertificateV2" type="CertIDListV2Type"/>
+ <xsd:complexType name="CertIDListV2Type">
+ <xsd:sequence>
+ <xsd:element name="Cert" type="CertIDTypeV2" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CertIDTypeV2">
+ <xsd:sequence>
+ <xsd:element name="CertDigest" type="DigestAlgAndValueType"/>
+ <xsd:element name="IssuerSerialV2" type="xsd:base64Binary" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
+ </xsd:complexType>
+ <!-- End SigningCertificateV2 and CertIDListV2Type -->
<!-- Start SignaturePolicyIdentifier -->
<xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType"/>
<xsd:complexType name="SignaturePolicyIdentifierType">
@@ -287,6 +308,7 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
<xsd:sequence>
<xsd:element ref="ds:Signature"/>
</xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
</xsd:complexType>
<!-- End CounterSignature -->
<!-- Start DataObjectFormat -->
@@ -330,6 +352,18 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
</xsd:sequence>
</xsd:complexType>
<!-- End SignatureProductionPlace -->
+ <!-- Start SignatureProductionPlaceV2 and SignatureProductionPlaceV2Type -->
+ <xsd:element name="SignatureProductionPlaceV2" type="SignatureProductionPlaceV2Type"/>
+ <xsd:complexType name="SignatureProductionPlaceV2Type">
+ <xsd:sequence>
+ <xsd:element name="City" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="StreetAddress" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="StateOrProvince" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="PostalCode" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="CountryName" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!-- End SignatureProductionPlace -->
<!-- Start SignerRole -->
<xsd:element name="SignerRole" type="SignerRoleType"/>
<xsd:complexType name="SignerRoleType">
@@ -349,6 +383,38 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
</xsd:sequence>
</xsd:complexType>
<!-- End SignerRole -->
+ <!-- Start SignerRoleV2 and SignerRoleV2Type -->
+ <xsd:element name="SignerRoleV2" type="SignerRoleV2Type"/>
+ <xsd:complexType name="SignerRoleV2Type">
+ <xsd:sequence>
+ <xsd:element ref="ClaimedRoles" minOccurs="0"/>
+ <xsd:element ref="CertifiedRolesV2" minOccurs="0"/>
+ <xsd:element ref="SignedAssertions" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:element name="ClaimedRoles" type="ClaimedRolesListType"/>
+ <xsd:element name="CertifiedRolesV2" type="CertifiedRolesListTypeV2"/>
+ <xsd:element name="SignedAssertions" type="SignedAssertionsListType"/>
+ <xsd:complexType name="CertifiedRolesListTypeV2">
+ <xsd:sequence>
+ <xsd:element name="CertifiedRole" type="CertifiedRoleTypeV2" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CertifiedRoleTypeV2">
+ <xsd:choice>
+ <xsd:element ref="X509AttributeCertificate"/>
+ <xsd:element ref="OtherAttributeCertificate"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="X509AttributeCertificate" type="EncapsulatedPKIDataType"/>
+ <xsd:element name="OtherAttributeCertificate" type="AnyType"/>
+ <xsd:complexType name="SignedAssertionsListType">
+ <xsd:sequence>
+ <xsd:element ref="SignedAssertion" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:element name="SignedAssertion" type="AnyType"/>
+ <!-- End SignerRoleV2 and SignerRoleV2Type -->
<xsd:element name="AllDataObjectsTimeStamp" type="XAdESTimeStampType"/>
<xsd:element name="IndividualDataObjectsTimeStamp" type="XAdESTimeStampType"/>
<xsd:element name="SignatureTimeStamp" type="XAdESTimeStampType"/>
@@ -464,3 +530,4 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
<xsd:element name="AttributeRevocationValues" type="RevocationValuesType"/>
<xsd:element name="ArchiveTimeStamp" type="XAdESTimeStampType"/>
</xsd:schema>
+
diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES01903v141-201601.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES01903v141-201601.xsd
new file mode 100644
index 000000000..1f3aaf935
--- /dev/null
+++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES01903v141-201601.xsd
@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.4.1#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns="http://uri.etsi.org/01903/v1.4.1#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" elementFormDefault="qualified">
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="http://uri.etsi.org/01903/v1.3.2/XAdES01903v132-201601.xsd"/>
+ <!-- Start CertificateValues -->
+ <xsd:element name="TimeStampValidationData" type="ValidationDataType"/>
+ <xsd:complexType name="ValidationDataType">
+ <xsd:sequence>
+ <xsd:element ref="xades:CertificateValues" minOccurs="0"/>
+ <xsd:element ref="xades:RevocationValues" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
+ </xsd:complexType>
+ <xsd:element name="SignaturePolicyStore" type="SignaturePolicyStoreType"/>
+ <xsd:complexType name="SignaturePolicyStoreType">
+ <xsd:sequence>
+ <xsd:element ref="SPDocSpecification"/>
+ <xsd:choice>
+ <xsd:element name="SignaturePolicyDocument" type="xsd:base64Binary"/>
+ <xsd:element name="SigPolDocLocalURI" type="xsd:anyURI"/>
+ </xsd:choice>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <xsd:element name="SPDocSpecification" type="xades:ObjectIdentifierType"/>
+ <!-- -->
+ <!-- Start RenewedDigests-->
+ <!-- -->
+ <xsd:element name="RenewedDigests" type="RenewedDigestsType"/>
+ <xsd:complexType name="RenewedDigestsType">
+ <xsd:sequence>
+ <xsd:element ref="ds:DigestMethod"/>
+ <xsd:element ref="RecomputedDigestValue" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <xsd:element name="RecomputedDigestValue" type="RecomputedDigestValueType"/>
+ <xsd:complexType name="RecomputedDigestValueType">
+ <xsd:simpleContent>
+ <xsd:extension base="ds:DigestValueType">
+ <xsd:attribute name="Order" type="xsd:integer" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <!-- -->
+ <!-- End RenewedDigests-->
+ <!-- -->
+ <!-- ArchiveTimeStamp in namespace with URI 'http://uri.etsi.org/01903/v1.4.1#'-->
+ <xsd:element name="ArchiveTimeStamp" type="xades:XAdESTimeStampType"/>
+ <!--CompleteCertificateRefsV2 and AttributeCertificateRefsV2-->
+ <xsd:element name="CompleteCertificateRefsV2" type="CompleteCertificateRefsTypeV2"/>
+ <xsd:element name="AttributeCertificateRefsV2" type="CompleteCertificateRefsTypeV2"/>
+ <xsd:complexType name="CompleteCertificateRefsTypeV2">
+ <xsd:sequence>
+ <xsd:element name="CertRefs" type="xades:CertIDListV2Type"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <!-- SigAndRefsTimeStampV2 and RefsOnlyTimeStampV2-->
+ <xsd:element name="SigAndRefsTimeStampV2" type="xades:XAdESTimeStampType"/>
+ <xsd:element name="RefsOnlyTimeStampV2" type="xades:XAdESTimeStampType"/>
+</xsd:schema>
+
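Review bot: The removed `XAdES-1.4.1.xsd` declared `ArchiveTimeStampV2` and an attribute named `UR` on `ValidationDataType`, whereas this file declares `ArchiveTimeStamp` in the 1.4.1 namespace and `URI`, with no `ArchiveTimeStampV2` left. Signatures that were produced or accepted against the old local schema and carry that element would presumably fail schema validation after this update. It is worth checking existing test vectors and stored signatures, and recording next to the `ArchiveTimeStamp` declaration that the old element name is dropped on purpose, for example `<!-- replaces ArchiveTimeStampV2 from the earlier local 1.4.1 schema -->`.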