author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-06-12 12:59:02 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-06-12 12:59:02 +0200 |
commit | f27c63abbac1316da256ab3c7e49ebe449afb469 (patch) | |
tree | 6b736a41506d32c7e05a45829433a8c26312cd34 | |
parent | 92982d1ee7f13e5206ea192776b0a042d2ddea2f (diff) | |
update XAdES scheme 1.3.2 and 1.4.1
-rw-r--r-- | id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java | 4 | ||||
-rw-r--r-- | id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.4.1.xsd | 15 | ||||
-rw-r--r-- | id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES01903v132-201601.xsd (renamed from id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.3.2.xsd) | 125 | ||||
-rw-r--r-- | id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES01903v141-201601.xsd | 64 |
4 files changed, 162 insertions, 46 deletions
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java
index c94222ea0..47abbf29a 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/Constants.java
@@ -281,7 +281,7 @@ public interface Constants {
 /** Local location of the XAdES v1.1.1 schema definition */
 public static final String XADES_1_3_2_SCHEMA_LOCATION =
- SCHEMA_ROOT + "XAdES-1.3.2.xsd";
+ SCHEMA_ROOT + "XAdES01903v132-201601.xsd";
 /** URI of the XAdES v1.3.2 namespace */
 public static final String XADES_1_3_2_NS_URI =
 "http://uri.etsi.org/01903/v1.3.2#";
@@ -290,7 +290,7 @@ public interface Constants {
 /** Local location of the XAdES v1.4.1 schema definition */
 public static final String XADES_1_4_1_SCHEMA_LOCATION =
- SCHEMA_ROOT + "XAdES-1.4.1.xsd";
+ SCHEMA_ROOT + "XAdES01903v141-201601.xsd";
 /** URI of the XAdES v1.4.1 namespace */
 public static final String XADES_1_4_1_NS_URI =
 "http://uri.etsi.org/01903/v1.4.1#";
diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.4.1.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.4.1.xsd
deleted file mode 100644
index 274dbdca1..000000000
--- a/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.4.1.xsd
+++ /dev/null
@@ -1,15 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.4.1#" xmlns="http://uri.etsi.org/01903/v1.4.1#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" elementFormDefault="qualified">
- <xsd:import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="XAdES-1.3.2.xsd"/>
- <!-- Start CertificateValues -->
- <xsd:element name="TimeStampValidationData" type="ValidationDataType"/>
- <xsd:complexType name="ValidationDataType">
- <xsd:sequence>
- <xsd:element ref="xades:CertificateValues" minOccurs="0" />
- <xsd:element ref="xades:RevocationValues" minOccurs="0" />
- </xsd:sequence>
- <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
- <xsd:attribute name="UR" type="xsd:anyURI" use="optional"/>
- </xsd:complexType>
- <xsd:element name="ArchiveTimeStampV2" type="xades:XAdESTimeStampType"/>
-</xsd:schema>
diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.3.2.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES01903v132-201601.xsd
index b05691515..e7a5f3a02 100644
--- a/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES-1.3.2.xsd
+++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES01903v132-201601.xsd
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.3.2#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://uri.etsi.org/01903/v1.3.2#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" elementFormDefault="qualified">
- <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/xmldsig-core-schema.xsd"/>
 <!-- Start auxiliary types definitions: AnyType, ObjectIdentifierType,
 EncapsulatedPKIDataType and containers for time-stamp tokens -->
 <!-- Start AnyType -->
@@ -125,8 +125,8 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
 <xsd:element name="QualifyingProperties" type="QualifyingPropertiesType"/>
 <xsd:complexType name="QualifyingPropertiesType">
 <xsd:sequence>
- <xsd:element name="SignedProperties" type="SignedPropertiesType" minOccurs="0"/>
- <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType" minOccurs="0"/>
+ <xsd:element ref="SignedProperties" minOccurs="0"/>
+ <xsd:element ref="UnsignedProperties" minOccurs="0"/>
 </xsd:sequence>
 <xsd:attribute name="Target" type="xsd:anyURI" use="required"/>
 <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
@@ -136,8 +136,8 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
 <xsd:element name="SignedProperties" type="SignedPropertiesType"/>
 <xsd:complexType name="SignedPropertiesType">
 <xsd:sequence>
- <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType" minOccurs="0"/>
- <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType" minOccurs="0"/>
+ <xsd:element ref="SignedSignatureProperties" minOccurs="0"/>
+ <xsd:element ref="SignedDataObjectProperties" minOccurs="0"/>
 </xsd:sequence>
 <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
 </xsd:complexType>
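Review bot: The `xsd:import` for the xmldsig namespace in the first hunk of XAdES01903v132-201601.xsd now points at `http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/xmldsig-core-schema.xsd` instead of the bundled `xmldsig-core-schema.xsd`. The new XAdES01903v141-201601.xsd does the same for both of its imports, xmldsig and `http://uri.etsi.org/01903/v1.3.2/XAdES01903v132-201601.xsd`. Unless the schema loader maps these namespaces to the local copies through its own resolver (not visible in this diff), building the validation grammar would fetch the schemas over plain HTTP. That would make signature validation depend on outbound network access and let anyone on the path alter the grammar the service validates against. I would keep the relative locations, `schemaLocation="xmldsig-core-schema.xsd"` and `schemaLocation="XAdES01903v132-201601.xsd"`, or confirm that the parser is configured to deny external schema access.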
@@ -146,21 +146,26 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
 <xsd:element name="UnsignedProperties" type="UnsignedPropertiesType"/>
 <xsd:complexType name="UnsignedPropertiesType">
 <xsd:sequence>
- <xsd:element name="UnsignedSignatureProperties" type="UnsignedSignaturePropertiesType" minOccurs="0"/>
- <xsd:element name="UnsignedDataObjectProperties" type="UnsignedDataObjectPropertiesType" minOccurs="0"/>
+ <xsd:element ref="UnsignedSignatureProperties" minOccurs="0"/>
+ <xsd:element ref="UnsignedDataObjectProperties" minOccurs="0"/>
 </xsd:sequence>
 <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
 </xsd:complexType>
 <!-- End UnsignedProperties-->
 <!-- Start SignedSignatureProperties-->
+ <!-- Definition changed: added new optional children for EN -->
 <xsd:element name="SignedSignatureProperties" type="SignedSignaturePropertiesType"/>
 <xsd:complexType name="SignedSignaturePropertiesType">
 <xsd:sequence>
- <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
- <xsd:element name="SigningCertificate" type="CertIDListType" minOccurs="0"/>
- <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType" minOccurs="0"/>
- <xsd:element name="SignatureProductionPlace" type="SignatureProductionPlaceType" minOccurs="0"/>
- <xsd:element name="SignerRole" type="SignerRoleType" minOccurs="0"/>
+ <xsd:element ref="SigningTime" minOccurs="0"/>
+ <xsd:element ref="SigningCertificate" minOccurs="0"/>
+ <xsd:element ref="SigningCertificateV2" minOccurs="0"/>
+ <xsd:element ref="SignaturePolicyIdentifier" minOccurs="0"/>
+ <xsd:element ref="SignatureProductionPlace" minOccurs="0"/>
+ <xsd:element ref="SignatureProductionPlaceV2" minOccurs="0"/>
+ <xsd:element ref="SignerRole" minOccurs="0"/>
+ <xsd:element ref="SignerRoleV2" minOccurs="0"/>
+ <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
 </xsd:sequence>
 <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
 </xsd:complexType>
@@ -169,10 +174,11 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
 <xsd:element name="SignedDataObjectProperties" type="SignedDataObjectPropertiesType"/>
 <xsd:complexType name="SignedDataObjectPropertiesType">
 <xsd:sequence>
- <xsd:element name="DataObjectFormat" type="DataObjectFormatType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="CommitmentTypeIndication" type="CommitmentTypeIndicationType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="AllDataObjectsTimeStamp" type="XAdESTimeStampType" minOccurs="0" maxOccurs="unbounded"/>
- <xsd:element name="IndividualDataObjectsTimeStamp" type="XAdESTimeStampType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element ref="DataObjectFormat" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element ref="CommitmentTypeIndication" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element ref="AllDataObjectsTimeStamp" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element ref="IndividualDataObjectsTimeStamp" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
 </xsd:sequence>
 <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
 </xsd:complexType>
@@ -181,19 +187,19 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
 <xsd:element name="UnsignedSignatureProperties" type="UnsignedSignaturePropertiesType"/>
 <xsd:complexType name="UnsignedSignaturePropertiesType">
 <xsd:choice maxOccurs="unbounded">
- <xsd:element name="CounterSignature" type="CounterSignatureType"/>
- <xsd:element name="SignatureTimeStamp" type="XAdESTimeStampType"/>
- <xsd:element name="CompleteCertificateRefs" type="CompleteCertificateRefsType"/>
- <xsd:element name="CompleteRevocationRefs" type="CompleteRevocationRefsType"/>
- <xsd:element name="AttributeCertificateRefs" type="CompleteCertificateRefsType"/>
- <xsd:element name="AttributeRevocationRefs" type="CompleteRevocationRefsType"/>
- <xsd:element name="SigAndRefsTimeStamp" type="XAdESTimeStampType"/>
- <xsd:element name="RefsOnlyTimeStamp" type="XAdESTimeStampType"/>
- <xsd:element name="CertificateValues" type="CertificateValuesType"/>
- <xsd:element name="RevocationValues" type="RevocationValuesType"/>
- <xsd:element name="AttrAuthoritiesCertValues" type="CertificateValuesType"/>
- <xsd:element name="AttributeRevocationValues" type="RevocationValuesType"/>
- <xsd:element name="ArchiveTimeStamp" type="XAdESTimeStampType"/>
+ <xsd:element ref="CounterSignature"/>
+ <xsd:element ref="SignatureTimeStamp"/>
+ <xsd:element ref="CompleteCertificateRefs"/>
+ <xsd:element ref="CompleteRevocationRefs"/>
+ <xsd:element ref="AttributeCertificateRefs"/>
+ <xsd:element ref="AttributeRevocationRefs"/>
+ <xsd:element ref="SigAndRefsTimeStamp"/>
+ <xsd:element ref="RefsOnlyTimeStamp"/>
+ <xsd:element ref="CertificateValues"/>
+ <xsd:element ref="RevocationValues"/>
+ <xsd:element ref="AttrAuthoritiesCertValues"/>
+ <xsd:element ref="AttributeRevocationValues"/>
+ <xsd:element ref="ArchiveTimeStamp"/>
 <xsd:any namespace="##other"/>
 </xsd:choice>
 <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
@@ -240,6 +246,21 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
 </xsd:sequence>
 </xsd:complexType>
 <!-- End SigningCertificate -->
+ <!-- Start SigningCertificateV2 and CertIDListV2Type -->
+ <xsd:element name="SigningCertificateV2" type="CertIDListV2Type"/>
+ <xsd:complexType name="CertIDListV2Type">
+ <xsd:sequence>
+ <xsd:element name="Cert" type="CertIDTypeV2" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CertIDTypeV2">
+ <xsd:sequence>
+ <xsd:element name="CertDigest" type="DigestAlgAndValueType"/>
+ <xsd:element name="IssuerSerialV2" type="xsd:base64Binary" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
+ </xsd:complexType>
+ <!-- End SigningCertificateV2 and CertIDListV2Type -->
 <!-- Start SignaturePolicyIdentifier -->
 <xsd:element name="SignaturePolicyIdentifier" type="SignaturePolicyIdentifierType"/>
 <xsd:complexType name="SignaturePolicyIdentifierType">
@@ -287,6 +308,7 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
 <xsd:sequence>
 <xsd:element ref="ds:Signature"/>
 </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
 </xsd:complexType>
 <!-- End CounterSignature -->
 <!-- Start DataObjectFormat -->
@@ -330,6 +352,18 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
 </xsd:sequence>
 </xsd:complexType>
 <!-- End SignatureProductionPlace -->
+ <!-- Start SignatureProductionPlaceV2 and SignatureProductionPlaceV2Type -->
+ <xsd:element name="SignatureProductionPlaceV2" type="SignatureProductionPlaceV2Type"/>
+ <xsd:complexType name="SignatureProductionPlaceV2Type">
+ <xsd:sequence>
+ <xsd:element name="City" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="StreetAddress" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="StateOrProvince" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="PostalCode" type="xsd:string" minOccurs="0"/>
+ <xsd:element name="CountryName" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!-- End SignatureProductionPlace -->
 <!-- Start SignerRole -->
 <xsd:element name="SignerRole" type="SignerRoleType"/>
 <xsd:complexType name="SignerRoleType">
@@ -349,6 +383,38 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
 </xsd:sequence>
 </xsd:complexType>
 <!-- End SignerRole -->
+ <!-- Start SignerRoleV2 and SignerRoleV2Type -->
+ <xsd:element name="SignerRoleV2" type="SignerRoleV2Type"/>
+ <xsd:complexType name="SignerRoleV2Type">
+ <xsd:sequence>
+ <xsd:element ref="ClaimedRoles" minOccurs="0"/>
+ <xsd:element ref="CertifiedRolesV2" minOccurs="0"/>
+ <xsd:element ref="SignedAssertions" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:element name="ClaimedRoles" type="ClaimedRolesListType"/>
+ <xsd:element name="CertifiedRolesV2" type="CertifiedRolesListTypeV2"/>
+ <xsd:element name="SignedAssertions" type="SignedAssertionsListType"/>
+ <xsd:complexType name="CertifiedRolesListTypeV2">
+ <xsd:sequence>
+ <xsd:element name="CertifiedRole" type="CertifiedRoleTypeV2" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CertifiedRoleTypeV2">
+ <xsd:choice>
+ <xsd:element ref="X509AttributeCertificate"/>
+ <xsd:element ref="OtherAttributeCertificate"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="X509AttributeCertificate" type="EncapsulatedPKIDataType"/>
+ <xsd:element name="OtherAttributeCertificate" type="AnyType"/>
+ <xsd:complexType name="SignedAssertionsListType">
+ <xsd:sequence>
+ <xsd:element ref="SignedAssertion" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:element name="SignedAssertion" type="AnyType"/>
+ <!-- End SignerRoleV2 and SignerRoleV2Type -->
 <xsd:element name="AllDataObjectsTimeStamp" type="XAdESTimeStampType"/>
 <xsd:element name="IndividualDataObjectsTimeStamp" type="XAdESTimeStampType"/>
 <xsd:element name="SignatureTimeStamp" type="XAdESTimeStampType"/>
@@ -464,3 +530,4 @@ EncapsulatedPKIDataType and containers for time-stamp tokens -->
 <xsd:element name="AttributeRevocationValues" type="RevocationValuesType"/>
 <xsd:element name="ArchiveTimeStamp" type="XAdESTimeStampType"/>
 </xsd:schema>
+
diff --git a/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES01903v141-201601.xsd b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES01903v141-201601.xsd
new file mode 100644
index 000000000..1f3aaf935
--- /dev/null
+++ b/id/server/moa-id-commons/src/main/resources/resources/schemas/XAdES01903v141-201601.xsd
@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsd:schema targetNamespace="http://uri.etsi.org/01903/v1.4.1#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns="http://uri.etsi.org/01903/v1.4.1#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" elementFormDefault="qualified">
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="http://uri.etsi.org/01903/v1.3.2/XAdES01903v132-201601.xsd"/>
+ <!-- Start CertificateValues -->
+ <xsd:element name="TimeStampValidationData" type="ValidationDataType"/>
+ <xsd:complexType name="ValidationDataType">
+ <xsd:sequence>
+ <xsd:element ref="xades:CertificateValues" minOccurs="0"/>
+ <xsd:element ref="xades:RevocationValues" minOccurs="0"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="optional"/>
+ </xsd:complexType>
+ <xsd:element name="SignaturePolicyStore" type="SignaturePolicyStoreType"/>
+ <xsd:complexType name="SignaturePolicyStoreType">
+ <xsd:sequence>
+ <xsd:element ref="SPDocSpecification"/>
+ <xsd:choice>
+ <xsd:element name="SignaturePolicyDocument" type="xsd:base64Binary"/>
+ <xsd:element name="SigPolDocLocalURI" type="xsd:anyURI"/>
+ </xsd:choice>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <xsd:element name="SPDocSpecification" type="xades:ObjectIdentifierType"/>
+ <!-- -->
+ <!-- Start RenewedDigests-->
+ <!-- -->
+ <xsd:element name="RenewedDigests" type="RenewedDigestsType"/>
+ <xsd:complexType name="RenewedDigestsType">
+ <xsd:sequence>
+ <xsd:element ref="ds:DigestMethod"/>
+ <xsd:element ref="RecomputedDigestValue" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <xsd:element name="RecomputedDigestValue" type="RecomputedDigestValueType"/>
+ <xsd:complexType name="RecomputedDigestValueType">
+ <xsd:simpleContent>
+ <xsd:extension base="ds:DigestValueType">
+ <xsd:attribute name="Order" type="xsd:integer" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <!-- -->
+ <!-- End RenewedDigests-->
+ <!-- -->
+ <!-- ArchiveTimeStamp in namespace with URI 'http://uri.etsi.org/01903/v1.4.1#'-->
+ <xsd:element name="ArchiveTimeStamp" type="xades:XAdESTimeStampType"/>
+ <!--CompleteCertificateRefsV2 and AttributeCertificateRefsV2-->
+ <xsd:element name="CompleteCertificateRefsV2" type="CompleteCertificateRefsTypeV2"/>
+ <xsd:element name="AttributeCertificateRefsV2" type="CompleteCertificateRefsTypeV2"/>
+ <xsd:complexType name="CompleteCertificateRefsTypeV2">
+ <xsd:sequence>
+ <xsd:element name="CertRefs" type="xades:CertIDListV2Type"/>
+ </xsd:sequence>
+ <xsd:attribute name="Id" type="xsd:ID" use="optional"/>
+ </xsd:complexType>
+ <!-- SigAndRefsTimeStampV2 and RefsOnlyTimeStampV2-->
+ <xsd:element name="SigAndRefsTimeStampV2" type="xades:XAdESTimeStampType"/>
+ <xsd:element name="RefsOnlyTimeStampV2" type="xades:XAdESTimeStampType"/>
+</xsd:schema>
+ |