author | gregor <gregor@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2003-07-07 10:58:37 +0000 |
---|---|---|
committer | gregor <gregor@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2003-07-07 10:58:37 +0000 |
commit | ece7d18cf35374bf4e26d041799cda8f791c89f8 (patch) | |
tree | 33707cb77627b65a2a4e7327a2e93fb7751c1b76 /spss.server/src/at/gv/egovernment/moa/spss/server/iaik | |
parent | 273aed93c03b18a6c6bb1af745ae46a13ad3c7f2 (diff) | |
Initial commit
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@2 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'spss.server/src/at/gv/egovernment/moa/spss/server/iaik')
41 files changed, 3209 insertions, 0 deletions
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java
new file mode 100644
index 000000000..eaee58d3f
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/cmsverify/CMSSignatureVerificationProfileImpl.java
@@ -0,0 +1,37 @@
+package at.gv.egovernment.moa.spss.server.iaik.cmsverify;
+
+import iaik.pki.PKIProfile;
+import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
+
+/**
+ * An implementation of the <code>CMSSignatureVerificationProfile</code>
+ * interface.
+ *
+ * @see iaik.server.modules.cmsverify.CMSSignatureVerificationProfile
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CMSSignatureVerificationProfileImpl
+ implements CMSSignatureVerificationProfile {
+
+ /** The profile for validating the certificate. */
+ private PKIProfile certificateValidationProfile;
+
+ /**
+ * @see iaik.server.modules.cmsverify.CMSSignatureVerificationProfile#getCertificateValidationProfile()
+ */
+ public PKIProfile getCertificateValidationProfile() {
+ return certificateValidationProfile;
+ }
+
+ /**
+ * Sets the profile for validating the signer certificate.
+ *
+ * @param certificateValidationProfile The certificate validation profile to
+ * set.
+ */
+ public void setCertificateValidationProfile(PKIProfile certificateValidationProfile) {
+ this.certificateValidationProfile = certificateValidationProfile;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java
new file mode 100644
index 000000000..713891714
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/AbstractKeyModuleConfigurationImpl.java
@@ -0,0 +1,36 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.server.modules.keys.KeyModuleConfiguration;
+
+/**
+ * Base implementation class for the <code>KeyModuleConfiguration</code>
+ * interface and the interfaces derived from it.
+ *
+ * @see iaik.server.modules.keys.KeyModuleConfiguration
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public abstract class AbstractKeyModuleConfigurationImpl
+ implements KeyModuleConfiguration {
+
+ /** The module ID. */
+ private String moduleID;
+
+ /**
+ * Creata new <code>AbstractKeyModuleConfigurationImpl</code>.
+ *
+ * @param moduleID The key module ID of this
+ * <code>KeyModuleConfiguration</code>.
+ */
+ public AbstractKeyModuleConfigurationImpl(String moduleID) {
+ this.moduleID = moduleID;
+ }
+
+ /**
+ * @see iaik.server.modules.keys.KeyModuleConfiguration#getModuleID()
+ */
+ public String getModuleID() {
+ return moduleID;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java
new file mode 100644
index 000000000..ac4286701
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/AbstractObservableConfiguration.java
@@ -0,0 +1,48 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import iaik.servertools.observer.NotificationData;
+import iaik.servertools.observer.Observable;
+import iaik.servertools.observer.Observer;
+
+/**
+ * A base class for observable configuration data.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public abstract class AbstractObservableConfiguration implements Observable {
+
+ /** The observers registered with this <code>Observable</code>. */
+ private List observers = new ArrayList();
+
+ /**
+ * @see iaik.utils.observer.Observable#addObserver(iaik.utils.observer.Observer)
+ */
+ public void addObserver(Observer observer) {
+ observers.add(observer);
+ }
+
+ /**
+ * @see iaik.utils.observer.Observable#removeObserver(iaik.utils.observer.Observer)
+ */
+ public boolean removeObserver(Observer observer) {
+ return observers.remove(observer);
+ }
+
+ /**
+ * @see iaik.utils.observer.Observable#notify(iaik.utils.observer.NotificationData)
+ */
+ public void notify(NotificationData data) {
+ Iterator iter = observers.iterator();
+
+ for (iter = observers.iterator(); iter.hasNext();) {
+ Observer observer = (Observer) iter.next();
+ observer.notify(data);
+ }
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java
new file mode 100644
index 000000000..22d798bc3
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ArchiveConfigurationImpl.java
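Review bot: `notify(NotificationData)` in AbstractObservableConfiguration iterates the live `observers` list, so an observer that calls `removeObserver` or `addObserver` from inside its own `notify` callback makes the next `iter.next()` throw ConcurrentModificationException and the remaining observers are never told about the configuration change. Iterating over a copy avoids the re-entrant case: `Iterator iter = new ArrayList(observers).iterator();`. The declaration `Iterator iter = observers.iterator();` is also redundant as written, because the `for` initialiser assigns `iter` again; one of the two can go.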
@@ -0,0 +1,62 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.pki.store.revocation.archive.ArchiveConfiguration;
+import iaik.pki.store.revocation.archive.ArchiveParameter;
+import iaik.pki.store.revocation.archive.ArchiveTypes;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+/**
+ * An implementation of the <code>ArchiveConfiguration</code> interface
+ * using configuration data provided by the MOA configuration file.
+ *
+ * @see iaik.pki.store.revocation.archive.ArchiveConfiguration
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ArchiveConfigurationImpl
+ extends AbstractObservableConfiguration
+ implements ArchiveConfiguration {
+
+ /** The configuration parameters of the archive. */
+ private ArchiveParameter archiveParameters;
+
+ /**
+ * Create a new <code>ArchiveConfigurationImpl</code>.
+ *
+ * @param config The MOA configuration from which the configuration data is
+ * being read.
+ */
+ public ArchiveConfigurationImpl(ConfigurationProvider config) {
+ String jdbcUrl =
+ config.getGenericConfiguration(
+ ConfigurationProvider.DATABASE_ARCHIVE_PARAMETER_PROPERTY);
+
+ if (jdbcUrl != null) {
+ this.archiveParameters = new DataBaseArchiveParameterImpl(jdbcUrl);
+ }
+ }
+
+ /**
+ * Return the type of archive.
+ *
+ * This will always return <code>ArchiveTypes.DATABASE</code>.
+ * @return <code>ArchiveTypes.DATABASE</code>.
+ * @see iaik.pki.store.revocation.archive.ArchiveConfiguration#getType()
+ */
+ public String getType() {
+ return ArchiveTypes.DATABASE;
+ }
+
+ /**
+ * Return the <code>ArchiveParameters</code> describing this
+ * <code>ArchiveConfiguration</code>.
+ *
+ * @return The archive parameters.
+ * @see iaik.pki.store.revocation.archive.ArchiveConfiguration#getArchiveParameters()
+ */
+ public ArchiveParameter getArchiveParameters() {
+ return archiveParameters;
+ }
+
+}
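Review bot: The constructor leaves `archiveParameters` null when `DATABASE_ARCHIVE_PARAMETER_PROPERTY` is not configured, yet `getType()` still reports `ArchiveTypes.DATABASE`, so a consumer gets a database archive without a JDBC URL and the misconfiguration only shows up later, at the first attempt to archive revocation data. Since PKIConfigurationImpl creates this object only when revocation archiving is switched on, a missing URL is better reported during configuration, for example by logging a warning in the `jdbcUrl == null` case, and the Javadoc of `getArchiveParameters()` should state that it may return null. The JDBC URL can carry database credentials, so any such message should name the property rather than print its value.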
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/CRLDistributionPointAdapter.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/CRLDistributionPointAdapter.java
new file mode 100644
index 000000000..1c2df80a5
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/CRLDistributionPointAdapter.java
@@ -0,0 +1,54 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.pki.revocation.CRLDistributionPoint;
+import iaik.pki.revocation.RevocationSourceTypes;
+
+import at.gv.egovernment.moa.spss.server.config.DistributionPoint;
+
+/**
+ * A class that wraps an
+ * at.gv.egovernment.moa.spss.server.config.DistributionPoint as a
+ * iaik.pki.revocation.CRLDistributionPoint.
+ *
+ * @see iaik.pki.revocation.CRLDistributionPoint
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CRLDistributionPointAdapter implements CRLDistributionPoint {
+
+ /** The wrapped <code>DistributionPoint</code>. */
+ private DistributionPoint distributionPoint;
+
+ /**
+ * Create a new <code>CRLDistributionPointAdapter</code>.
+ *
+ * @param distributionPoint The <code>DistributionPoint</code> to wrap. It
+ * contains the data configured in the MOA configuration.
+ */
+ public CRLDistributionPointAdapter(DistributionPoint distributionPoint) {
+ this.distributionPoint = distributionPoint;
+ }
+
+ /**
+ * @see iaik.pki.revocation.CRLDistributionPoint#getReasonCodes()
+ */
+ public int getReasonCodes() {
+ return distributionPoint.getReasonCodes();
+ }
+
+ /**
+ * @return <code>RevocationSourceTypes.CRL</code>
+ * @see iaik.pki.revocation.DistributionPoint#getType()
+ */
+ public String getType() {
+ return RevocationSourceTypes.CRL;
+ }
+
+ /**
+ * @see iaik.pki.revocation.DistributionPoint#getUri()
+ */
+ public String getUri() {
+ return distributionPoint.getUri();
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java
new file mode 100644
index 000000000..c9be3fc2b
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/CertStoreConfigurationImpl.java
@@ -0,0 +1,54 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.pki.store.certstore.CertStoreConfiguration;
+import iaik.pki.store.certstore.CertStoreParameters;
+import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+/**
+ * An implementation of the <code>CertStoreConfiguration</code> interface based
+ * on MOA configuration data.
+ *
+ * @see iaik.pki.store.certstore.CertStoreConfiguration
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CertStoreConfigurationImpl
+ extends AbstractObservableConfiguration
+ implements CertStoreConfiguration {
+
+ /** The configuration parameters of the <code>CertStore</code>. */
+ private CertStoreParameters[] parameters;
+
+ /**
+ * Create a new <code>CertStoreConfigurationImpl</code>.
+ *
+ * @param config The MOA configuration from which the configuration data is
+ * being read.
+ */
+ public CertStoreConfigurationImpl(ConfigurationProvider config) {
+ String certStoreRoot =
+ config.getGenericConfiguration(
+ ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY,
+ "certstore");
+
+ if (certStoreRoot != null) {
+ DirectoryCertStoreParameters dirParameters =
+ new DirectoryCertStoreParametersImpl(
+ "MOA Directory CertStore",
+ certStoreRoot,
+ true,
+ false);
+ parameters = new CertStoreParameters[] { dirParameters };
+ }
+ }
+
+ /**
+ * @see iaik.pki.store.certstore.CertStoreConfiguration#getParameters()
+ */
+ public CertStoreParameters[] getParameters() {
+ return parameters;
+ }
+
+}
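Review bot: The fallback `"certstore"` in the CertStoreConfigurationImpl constructor is a relative path, so the location of the certificate store depends on the working directory of the server process; combined with `createNew` = `true` and `readOnly` = `false`, a start from an unexpected directory silently creates and then uses a fresh, empty store there. Requiring an absolute path, or resolving the value against a known base directory, and logging the resolved location once at startup would make the store location deterministic and auditable. The bare `true, false` arguments would also read better with a short comment such as `// createNew, readOnly`. If `getGenericConfiguration` returns the supplied default for a missing key (not visible here), the `certStoreRoot != null` test is always true and could be dropped or explained.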
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java
new file mode 100644
index 000000000..7aa4cbe4b
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImpl.java
@@ -0,0 +1,121 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import iaik.logging.LoggerConfig;
+import iaik.pki.PKIConfiguration;
+import iaik.server.ConfigurationData;
+
+import at.gv.egovernment.moa.spss.server.config.HardwareCryptoModule;
+import at.gv.egovernment.moa.spss.server.config.HardwareKeyModule;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.config.SoftwareKeyModule;
+
+/**
+ * An implementation of the <code>ConfigurationData</code> interface using
+ * MOA configuration data.
+ *
+ * @see iaik.server.ConfigurationData
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ConfigurationDataImpl implements ConfigurationData {
+ /** PKI configuration data. */
+ private PKIConfiguration pkiConfiguration;
+ /** Crypto modules configuration data. */
+ private List cryptoModuleConfigurations;
+ /** Key modules configuration data. */
+ private List keyModuleConfigurations;
+ /** Logging configuration data. */
+ private LoggerConfig loggerConfig;
+
+ /**
+ * Create a new <code>ConfigurationDataImpl</code>.
+ *
+ * @param config The underlying MOA configuration data.
+ */
+ public ConfigurationDataImpl(ConfigurationProvider config) {
+ this.pkiConfiguration = new PKIConfigurationImpl(config);
+ this.cryptoModuleConfigurations = buildCryptoModuleConfigurations(config);
+ this.keyModuleConfigurations = buildKeyModuleConfigurations(config);
+ this.loggerConfig = new LoggerConfigImpl();
+ }
+
+ /**
+ * Build the list of <code>CryptoModuleConfiguration</code>s.
+ *
+ * @param config The underlying MOA configuration data.
+ * @return The list of <code>CryptoModuleConfiguration</code>s configured in
+ * the MOA configuration.
+ */
+ private List buildCryptoModuleConfigurations(ConfigurationProvider config) {
+ List modules = new ArrayList();
+ Iterator iter = config.getHardwareCryptoModules().iterator();
+
+ while (iter.hasNext()) {
+ HardwareCryptoModule module = (HardwareCryptoModule) iter.next();
+ modules.add(new HardwareCryptoModuleConfigurationImpl(module));
+ }
+
+ return modules;
+ }
+
+ /**
+ * Build the list of <code>KeyModuleConfiguration</code>s.
+ *
+ * @param config The underlying MOA configuration data.
+ * @return The list of <code>KeyModuleConfiguration</code>s configured in the
+ * MOA configuration.
+ */
+ private List buildKeyModuleConfigurations(ConfigurationProvider config) {
+ List keys = new ArrayList();
+ Iterator iter;
+
+ // add the hardware keys
+ iter = config.getHardwareKeyModules().iterator();
+ while (iter.hasNext()) {
+ HardwareKeyModule key = (HardwareKeyModule) iter.next();
+ keys.add(new HardwareKeyModuleConfigurationImpl(key));
+ }
+
+ // add the software keys
+ iter = config.getSoftwareKeyModules().iterator();
+ while (iter.hasNext()) {
+ SoftwareKeyModule key = (SoftwareKeyModule) iter.next();
+ keys.add(new SoftwareKeyModuleConfigurationImpl(key));
+ }
+
+ return keys;
+ }
+
+ /**
+ * @see iaik.server.ConfigurationData#getPKIConfiguration()
+ */
+ public PKIConfiguration getPKIConfiguration() {
+ return pkiConfiguration;
+ }
+
+ /**
+ * @see iaik.server.ConfigurationData#getCryptoModuleConfigurations()
+ */
+ public List getCryptoModuleConfigurations() {
+ return cryptoModuleConfigurations;
+ }
+
+ /**
+ * @see iaik.server.ConfigurationData#getKeyModuleConfigurations()
+ */
+ public List getKeyModuleConfigurations() {
+ return keyModuleConfigurations;
+ }
+
+ /**
+ * @see iaik.server.ConfigurationData#getLoggerConfig()
+ */
+ public LoggerConfig getLoggerConfig() {
+ return loggerConfig;
+ }
+
+}
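Review bot: `getCryptoModuleConfigurations()` and `getKeyModuleConfigurations()` return the internal `ArrayList` instances, so any holder of this object can add or remove crypto and key module configurations after it has been built from the MOA configuration. If the lists are meant to be fixed at construction, wrap them where they are stored, e.g. `this.keyModuleConfigurations = Collections.unmodifiableList(buildKeyModuleConfigurations(config));` (needs `import java.util.Collections;`), and likewise for the crypto modules. This assumes the IAIK `Configurator` only reads the lists, which cannot be confirmed from this page.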
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java
new file mode 100644
index 000000000..d67523944
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/DataBaseArchiveParameterImpl.java
@@ -0,0 +1,33 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter;
+
+/**
+ * An implementation of the <code>DataBaseArchiveParameter</code> interface.
+ *
+ * @see iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class DataBaseArchiveParameterImpl implements DataBaseArchiveParameter {
+
+ /** The JDBC URL for accessing the archive. */
+ private String jDBCUrl;
+
+ /**
+ * Create a new <code>DataBaseArchiveParameterImpl</code>.
+ *
+ * @param jDBCUrl The JDBC URL of the archive.
+ */
+ public DataBaseArchiveParameterImpl(String jDBCUrl) {
+ this.jDBCUrl = jDBCUrl;
+ }
+
+ /**
+ * @see iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter#getJDBCUrl()
+ */
+ public String getJDBCUrl() {
+ return jDBCUrl;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java
new file mode 100644
index 000000000..2b00d6766
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/DirectoryCertStoreParametersImpl.java
@@ -0,0 +1,81 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.pki.store.certstore.CertStoreTypes;
+import iaik.pki.store.certstore.directory.DirectoryCertStoreParameters;
+
+/**
+ * An implementation of the <code>DirectoryCertStoreParameters</code> interface.
+ *
+ * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class DirectoryCertStoreParametersImpl
+ implements DirectoryCertStoreParameters {
+
+ /** The root directory of the <code>CertStore</code>. */
+ private String rootDirectory;
+ /** Whether a new directory may be created. */
+ private boolean createNew;
+ /** The <code>CertStore</code> ID. */
+ private String id;
+ /** Whether the <code>CertStore</code> is read-only. */
+ private boolean readOnly;
+
+ /**
+ * Create a new <code>DirectoryCertStoreParameterImpl</code>.
+ *
+ * @param id The <code>CertStore</code> ID.
+ * @param rootDirectory The root directory of the <code>CertStore</code>.
+ * @param createNew Whether a new directory may be created.
+ * @param readOnly Whether the <code>CertStore</code> is read-only.
+ */
+ public DirectoryCertStoreParametersImpl(
+ String id,
+ String rootDirectory,
+ boolean createNew,
+ boolean readOnly) {
+
+ this.id = id;
+ this.rootDirectory = rootDirectory;
+ this.createNew = createNew;
+ this.readOnly = readOnly;
+ }
+
+ /**
+ * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#getRootDirectory()
+ */
+ public String getRootDirectory() {
+ return rootDirectory;
+ }
+
+ /**
+ * @see iaik.pki.store.certstore.directory.DirectoryCertStoreParameters#createNew()
+ */
+ public boolean createNew() {
+ return createNew;
+ }
+
+ /**
+ * @see iaik.pki.store.certstore.CertStoreParameters#getId()
+ */
+ public String getId() {
+ return id;
+ }
+
+ /**
+ * @see iaik.pki.store.certstore.CertStoreParameters#isReadOnly()
+ */
+ public boolean isReadOnly() {
+ return readOnly;
+ }
+
+ /**
+ * @return <code>CertStoreTypes.DIRECTORY</code>
+ * @see iaik.pki.store.certstore.CertStoreParameters#getType()
+ */
+ public String getType() {
+ return CertStoreTypes.DIRECTORY;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java
new file mode 100644
index 000000000..3c8f4c002
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/HardwareCryptoModuleConfigurationImpl.java
@@ -0,0 +1,51 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.server.modules.crypto.HardwareCryptoModuleConfiguration;
+
+import at.gv.egovernment.moa.spss.server.config.HardwareCryptoModule;
+
+/**
+ * An implementation of the <code>HardwareCryptoModuleConfiguration</code>
+ * wrapping a <code>HardwareCryptoModule</code> from the MOA configuration.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class HardwareCryptoModuleConfigurationImpl
+ implements HardwareCryptoModuleConfiguration {
+
+ /** The wrapped <code>HardwareCryptoModule</code>. */
+ private HardwareCryptoModule module;
+
+ /**
+ * Create a new <code>HardwareCryptoModuleConfigurationImpl</code>.
+ *
+ * @param module The <code>HardwareCryptoModule</code> from the underlying MOA
+ * configuration.
+ */
+ public HardwareCryptoModuleConfigurationImpl(HardwareCryptoModule module) {
+ this.module = module;
+ }
+
+ /**
+ * @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getModuleName()
+ */
+ public String getModuleName() {
+ return module.getName();
+ }
+
+ /**
+ * @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getSlotID()
+ */
+ public String getSlotID() {
+ return module.getSlotID();
+ }
+
+ /**
+ * @see iaik.server.modules.crypto.HardwareCryptoModuleConfiguration#getUserPIN()
+ */
+ public char[] getUserPIN() {
+ return module.getUserPIN().toCharArray();
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java
new file mode 100644
index 000000000..d905588c6
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/HardwareKeyModuleConfigurationImpl.java
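Review bot: `getUserPIN()` in HardwareCryptoModuleConfigurationImpl returns `module.getUserPIN().toCharArray()`, which throws NullPointerException when no PIN is configured for the module, and the `char[]` return type suggests a wipeable secret although the PIN is apparently held as an immutable `String` in `HardwareCryptoModule`, so zeroing the returned array leaves the original value on the heap. A guard such as `String pin = module.getUserPIN(); return pin != null ? pin.toCharArray() : null;` covers the first part, provided the IAIK interface accepts null for a token without PIN (to be confirmed). The Javadoc should say that each call returns a fresh copy the caller may clear and that the configuration object itself keeps the PIN as a String. The same applies to `HardwareKeyModuleConfigurationImpl.getUserPIN()` in the following file.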
@@ -0,0 +1,55 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.server.modules.keys.HardwareKeyModuleConfiguration;
+
+import at.gv.egovernment.moa.spss.server.config.HardwareKeyModule;
+
+/**
+ * An implementation of the <code>HardwareKeyModuleConfiguration</code>
+ * interface wrapping a <code>HardwareKeyModule</code> from the MOA
+ * configuration.
+ *
+ * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class HardwareKeyModuleConfigurationImpl
+ extends AbstractKeyModuleConfigurationImpl
+ implements HardwareKeyModuleConfiguration {
+
+ /** The wrapped <code>HardwareKeyModule</code>. */
+ private HardwareKeyModule keyModule;
+
+ /**
+ * Create a new <code>HardwareKeyModuleConfigurationImpl</code>.
+ *
+ * @param keyModule The <code>HardwareKeyModule</code> from the underlying
+ * MOA configuration.
+ */
+ public HardwareKeyModuleConfigurationImpl(HardwareKeyModule keyModule) {
+ super(keyModule.getId());
+ this.keyModule = keyModule;
+ }
+
+ /**
+ * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getModuleName()
+ */
+ public String getModuleName() {
+ return keyModule.getName();
+ }
+
+ /**
+ * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getSlotID()
+ */
+ public String getSlotID() {
+ return keyModule.getSlotID();
+ }
+
+ /**
+ * @see iaik.server.modules.keys.HardwareKeyModuleConfiguration#getUserPIN()
+ */
+ public char[] getUserPIN() {
+ return keyModule.getUserPIN().toCharArray();
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
new file mode 100644
index 000000000..8bd410ac7
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
@@ -0,0 +1,162 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import iaik.pki.store.truststore.TrustStoreFactory;
+import iaik.server.ConfigurationData;
+import iaik.server.Configurator;
+import iaik.server.modules.keys.KeyEntryID;
+import iaik.server.modules.keys.KeyModule;
+import iaik.server.modules.keys.KeyModuleFactory;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.config.KeyGroup;
+import at.gv.egovernment.moa.spss.server.config.KeyGroupEntry;
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+
+/**
+ * A class responsible for configuring the IAIK MOA modules.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class IaikConfigurator {
+
+ /** The warnings encountered during configuration. */
+ private List warnings = new ArrayList();
+
+ /**
+ * Configure the IAIK MOA subsystem.
+ *
+ * @param moaConfig The underlying MOA configuration.
+ * @throws ConfigurationException An error occurred configuring the IAIK
+ * MOA subsystem.
+ */
+ public void configure(ConfigurationProvider moaConfig)
+ throws ConfigurationException {
+ ConfigurationData configData = new ConfigurationDataImpl(moaConfig);
+
+ warnings = new ArrayList();
+
+ try {
+ Configurator.init(configData, new TransactionId("IaikConfigurator"));
+ dumpKeyEntryIDs();
+ checkKeyGroupConfig(moaConfig);
+ TrustStoreFactory.reset();
+ } catch (iaik.server.ConfigurationException e) {
+ throw new ConfigurationException("config.08", null, e);
+ } catch (Throwable t) {
+ throw new ConfigurationException("config.08", null, t);
+ }
+ }
+
+ /**
+ * Return the warnings encountered during configuration.
+ *
+ * @return The warnings.
+ */
+ public List getWarnings() {
+ return warnings;
+ }
+
+ /**
+ * Dump all <code>KeyEntryID</code>s contained in the configured
+ * <code>KeyModule</code>s to the log file.
+ */
+ private void dumpKeyEntryIDs() {
+ MessageProvider msg = MessageProvider.getInstance();
+ KeyModule module = KeyModuleFactory.getInstance(new TransactionId("dump"));
+ Set keyEntryIds = module.getPrivateKeyEntryIDs();
+ Iterator iter;
+
+ for (iter = keyEntryIds.iterator(); iter.hasNext();) {
+ KeyEntryID keyEntryId = (KeyEntryID) iter.next();
+ Logger.info(
+ new LogMsg(msg.getMessage("config.19", new Object[] { keyEntryId })));
+ }
+ }
+
+ /**
+ * Check that each key group entry in each key group can be resolved to a
+ * KeyEntryID.
+ *
+ * Logs a warning for each key group entry that cannot be resolved.
+ *
+ * @param moaConfig The MOA configuration to check.
+ */
+ private void checkKeyGroupConfig(ConfigurationProvider moaConfig) {
+ Map keyGroups = moaConfig.getKeyGroups();
+ Iterator iter;
+
+ for (iter = keyGroups.values().iterator(); iter.hasNext();) {
+ KeyGroup keyGroup = (KeyGroup) iter.next();
+ Set keyGroupEntries = keyGroup.getKeyGroupEntries();
+ Iterator kgIter;
+
+ for (kgIter = keyGroupEntries.iterator(); kgIter.hasNext();) {
+ KeyGroupEntry entry = (KeyGroupEntry) kgIter.next();
+
+ if (!findKeyEntryID(entry)) {
+ warn(
+ "config.31",
+ new Object[] {
+ keyGroup.getId(),
+ entry.getModuleID(),
+ entry.getIssuerDN(),
+ entry.getSerialNumber()});
+ }
+ }
+ }
+ }
+
+ /**
+ * Find out that a certain KeyGroupEntry could be resolved to a KeyEntryID
+ * by the Configurator.
+ *
+ * @param keyGroupEntry The key group entry to find.
+ * @return <code>true</code>, if the <code>keyGroupEntry</code> could be
+ * resolved to a <code>KeyEntryID</code>; otherwise <code>false</code>.
+ */
+ private boolean findKeyEntryID(KeyGroupEntry keyGroupEntry) {
+ KeyModule module = KeyModuleFactory.getInstance(new TransactionId("check"));
+ Set keyEntryIDs = module.getPrivateKeyEntryIDs();
+ Iterator iter;
+
+ for (iter = keyEntryIDs.iterator(); iter.hasNext();) {
+ KeyEntryID entry = (KeyEntryID) iter.next();
+
+ if (entry.getCertificateIssuer().equals(keyGroupEntry.getIssuerDN())
+ && entry.getCertificateSerialNumber().equals(
+ keyGroupEntry.getSerialNumber())
+ && entry.getModuleID().equals(keyGroupEntry.getModuleID())) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ /**
+ * Log a warning.
+ *
+ * @param messageId The message ID.
+ * @param args Additional parameters for the message.
+ * @see at.gv.egovernment.moa.spss.server.util.MessageProvider
+ */
+ private void warn(String messageId, Object[] args) {
+ MessageProvider msg = MessageProvider.getInstance();
+ String txt = msg.getMessage(messageId, args);
+
+ Logger.warn(new LogMsg(txt));
+ warnings.add(txt);
+ }
+}
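Review bot: In `configure`, the `catch (Throwable t)` clause makes the preceding `catch (iaik.server.ConfigurationException e)` redundant (both throw the same `ConfigurationException("config.08", null, ...)`) and also turns `Error`s such as OutOfMemoryError into an ordinary configuration failure. If catching `Throwable` is deliberate, for instance to report a missing native PKCS#11 library as a configuration problem, a comment should say so and the first clause can be removed; otherwise `catch (Exception e)` is the narrower choice. Separately, `findKeyEntryID` calls `KeyModuleFactory.getInstance(...)` and `getPrivateKeyEntryIDs()` once per key group entry; obtaining the set once in `checkKeyGroupConfig` and passing it in would avoid enumerating the key stores repeatedly. `dumpKeyEntryIDs` writes every private key entry ID to the log at info level, which deserves a note in the Javadoc so operators know the key inventory ends up in the log files.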
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java
new file mode 100644
index 000000000..9679e8d18
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java
@@ -0,0 +1,34 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import java.util.Properties;
+
+import iaik.logging.LogConfigurationException;
+import iaik.logging.LoggerConfig;
+
+import at.gv.egovernment.moa.logging.LoggingContextManager;
+
+/**
+ * Default implementation of the <code>LoggerConfig</code> interface.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class LoggerConfigImpl implements LoggerConfig {
+
+ /** The implementation of iaik.logging.LogFactory. */
+ private static final String DEFAULT_IMPLEMENTATION =
+ "at.gv.egovernment.moa.spss.server.logging.IaikLogFactory";
+
+ public String getFactory() {
+ return DEFAULT_IMPLEMENTATION;
+ }
+
+ public Properties getProperties() throws LogConfigurationException {
+ return new Properties();
+ }
+
+ public String getNodeId() {
+ return LoggingContextManager.getInstance().getLoggingContext().getNodeID();
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java
new file mode 100644
index 000000000..0703cd326
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java
@@ -0,0 +1,85 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.pki.PKIConfiguration;
+import iaik.pki.pathvalidation.ValidationConfiguration;
+import iaik.pki.revocation.RevocationConfiguration;
+import iaik.pki.store.certstore.CertStoreConfiguration;
+import iaik.pki.store.revocation.archive.ArchiveConfiguration;
+
+import at.gv.egovernment.moa.util.BoolUtils;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+/**
+ * An implementation of the <code>PKIConfiguration</code> interface using data
+ * from the MOA configuration.
+ *
+ * @see iaik.pki.PKIConfiguration
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class PKIConfigurationImpl implements PKIConfiguration {
+ /** The <code>CertStore</code> configuration. */
+ private CertStoreConfiguration certStoreConfiguration;
+ /** The revocation checking configuration. */
+ private RevocationConfiguration revocationConfiguration;
+ /** The revocation archive configuration. */
+ private ArchiveConfiguration archiveConfiguration;
+ /** The certificate validation configuration. */
+ private ValidationConfiguration validationConfiguration;
+
+ /**
+ * Create a new <code>PKIConfigurationImpl</code>.
+ *
+ * @param config The underlying MOA configuration which will be used to build
+ * the configuration data contained in this object.
+ */
+ public PKIConfigurationImpl(ConfigurationProvider config) {
+ String archiveInfo;
+
+ this.certStoreConfiguration = new CertStoreConfigurationImpl(config);
+
+ this.revocationConfiguration = new RevocationConfigurationImpl(config);
+
+ archiveInfo =
+ config.getGenericConfiguration(
+ ConfigurationProvider.ARCHIVE_REVOCATION_INFO_PROPERTY,
+ "false");
+ if (archiveInfo != null && BoolUtils.valueOf(archiveInfo)) {
+ this.archiveConfiguration = new ArchiveConfigurationImpl(config);
+ } else {
+ this.archiveConfiguration = null;
+ }
+
+ this.validationConfiguration = new ValidationConfigurationImpl(config);
+ }
+
+ /**
+ * @see iaik.pki.PKIConfiguration#getCertStoreConfiguration()
+ */
+ public CertStoreConfiguration getCertStoreConfiguration() {
+ return certStoreConfiguration;
+ }
+
+ /**
+ * @see iaik.pki.PKIConfiguration#getRevocationConfiguration()
+ */
+ public RevocationConfiguration getRevocationConfiguration() {
+ return revocationConfiguration;
+ }
+
+ /**
+ * @see iaik.pki.PKIConfiguration#getArchiveConfiguration()
+ */
+ public ArchiveConfiguration getArchiveConfiguration() {
+ return archiveConfiguration;
+ }
+
+ /**
+ * @see iaik.pki.PKIConfiguration#getValidationConfiguration()
+ */
+ public ValidationConfiguration getValidationConfiguration() {
+ return validationConfiguration;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
new file mode 100644
index 000000000..466234a11
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
@@ -0,0 +1,73 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import java.security.cert.X509Certificate;
+import java.util.Date;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Set;
+
+import iaik.pki.revocation.RevocationConfiguration;
+
+import at.gv.egovernment.moa.util.BoolUtils;
+
+import at.gv.egovernment.moa.spss.server.config.DistributionPoint;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+/**
+ * An implementation of the <code>RevocationConfiguration</code> interface using
+ * MOA configuration data.
+ *
+ * @see iaik.pki.revocation.RevocationConfiguration
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class RevocationConfigurationImpl
+ extends AbstractObservableConfiguration
+ implements RevocationConfiguration {
+
+ /** The <code>ConfigurationProvider</code> to read the configuration data
+ * from. */
+ private ConfigurationProvider config;
+
+ /**
+ * Create a new <code>RevocationConfigurationImpl</code>.
+ *
+ * @param config The underlying MOA configuration containing the configuration
+ * data.
+ */
+ public RevocationConfigurationImpl(ConfigurationProvider config) {
+ this.config = config;
+ }
+
+ /**
+ * @see iaik.pki.revocation.RevocationConfiguration#getAlternativeDistributionPoints(java.security.cert.X509Certificate, java.util.Date)
+ */
+ public Set getAlternativeDistributionPoints(
+ X509Certificate cert,
+ Date date) {
+
+ Set configuredPoints = config.getCRLDP(cert);
+ Set distributionPoints = new HashSet();
+ Iterator iter;
+
+ for (iter = configuredPoints.iterator(); iter.hasNext();) {
+ DistributionPoint dp = (DistributionPoint) iter.next();
+ distributionPoints.add(new CRLDistributionPointAdapter(dp));
+ }
+
+ return distributionPoints;
+ }
+
+ /**
+ * @see iaik.pki.revocation.RevocationConfiguration#archiveRevocationInfo(java.lang.String, java.lang.String)
+ */
+ public boolean archiveRevocationInfo(String type, String uri) {
+ String info =
+ config.getGenericConfiguration(
+ ConfigurationProvider.ARCHIVE_REVOCATION_INFO_PROPERTY,
+ "false");
+
+ return info != null ? BoolUtils.valueOf(info) : false;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java
new file mode 100644
index 000000000..343f096ef
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java
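Review bot: In `getAlternativeDistributionPoints()` the result of `config.getCRLDP(cert)` is iterated without a null check, so a certificate with no configured distribution points would raise a NullPointerException during revocation checking if `getCRLDP` can return null (its contract is not visible here). A guard such as `if (configuredPoints == null) return distributionPoints;` placed after the `HashSet` is created keeps the method returning an empty set. The `date` parameter and both parameters of `archiveRevocationInfo()` are ignored; a one-line comment stating that this is intentional would help the next reader.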
@@ -0,0 +1,75 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.InputStream;
+
+import iaik.server.modules.keys.ConfigurationException;
+import iaik.server.modules.keys.SoftwareKeyModuleConfiguration;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+
+import at.gv.egovernment.moa.spss.server.config.SoftwareKeyModule;
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+
+/**
+ * An implementation of the <code>SoftwareKeyModuleConfiguration</code> wrapping
+ * a <code>SoftwareKeyModule</code> from the MOA configuration.
+ *
+ * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class SoftwareKeyModuleConfigurationImpl
+ extends AbstractKeyModuleConfigurationImpl
+ implements SoftwareKeyModuleConfiguration {
+
+ /** The wrapped <code>SoftwareKeyModule</code>. */
+ private SoftwareKeyModule keyModule;
+
+ /**
+ * Create a new <code>SoftwareKeyModuleConfigurationImpl</code>.
+ *
+ * @param keyModule The <code>SoftwareKeyModule</code> from the underlying MOA
+ * configuration.
+ */
+ public SoftwareKeyModuleConfigurationImpl(SoftwareKeyModule keyModule) {
+ super(keyModule.getId());
+ this.keyModule = keyModule;
+ }
+
+ /**
+ * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreTypeName()
+ */
+ public String getKeyStoreTypeName() {
+ return KEY_STORE_TYPE_NAME_PKCS12;
+ }
+
+ /**
+ * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreAsStream()
+ */
+ public InputStream getKeyStoreAsStream() {
+ MessageProvider msg = MessageProvider.getInstance();
+
+ try {
+ String message =
+ msg.getMessage("config.18", new Object[] { keyModule.getFileName()});
+ Logger.info(new LogMsg(message));
+ return new FileInputStream(keyModule.getFileName());
+ } catch (FileNotFoundException e) {
+ String message =
+ msg.getMessage("config.09", new Object[] { keyModule.getFileName()});
+
+ throw new ConfigurationException(message, e, null);
+ }
+ }
+
+ /**
+ * @see iaik.server.modules.keys.SoftwareKeyModuleConfiguration#getKeyStoreAuthenticationData()
+ */
+ public char[] getKeyStoreAuthenticationData() {
+ return keyModule.getPassWord().toCharArray();
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java
new file mode 100644
index 000000000..f6fbad215
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/ValidationConfigurationImpl.java
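Review bot: `getKeyStoreAuthenticationData()` calls `keyModule.getPassWord().toCharArray()` with no null check, so a key module configured without a password fails with a NullPointerException instead of a configuration error that names the module. Because the password already lives in a `String` inside `SoftwareKeyModule`, the returned `char[]` is only a copy; I would add `@return a fresh copy of the key store password; the caller should overwrite it after loading the key store` so the array at least does not linger. `getKeyStoreAsStream()` hands back an open `FileInputStream`, and its Javadoc should say that the caller must close it. The `Logger.info` call for `config.18` runs before the file is opened, so the log entry appears even when the open then fails; moving it after a successful `new FileInputStream(...)` keeps the log truthful.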
@@ -0,0 +1,56 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import java.security.cert.X509Certificate;
+import java.security.spec.AlgorithmParameterSpec;
+
+import iaik.pki.pathvalidation.ValidationConfiguration;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+/**
+ * An implementation of the <code>ValidationConfiguration</code> interface using
+ * MOA configuration data.
+ *
+ * @see iaik.pki.pathvalidation.ValidationConfiguration
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ValidationConfigurationImpl
+ extends AbstractObservableConfiguration
+ implements ValidationConfiguration {
+
+ /** The <code>ConfigurationProvider</code> to read the configuration data
+ * from. */
+ private ConfigurationProvider config;
+
+ /**
+ * Create a new <code>ValidationConfigurationImpl</code>.
+ *
+ * @param config The underlying MOA configuration data.
+ */
+ public ValidationConfigurationImpl(ConfigurationProvider config) {
+ this.config = config;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationConfiguration#getChainingMode(java.security.cert.X509Certificate)
+ */
+ public String getChainingMode(X509Certificate cert) {
+ return config.getChainingMode(cert);
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationConfiguration#getPublicKeyParamsAsSpec(java.security.cert.X509Certificate)
+ */
+ public AlgorithmParameterSpec getPublicKeyParamsAsSpec(X509Certificate cert) {
+ return null;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationConfiguration#getPublicKeyParamsAsCert(java.security.cert.X509Certificate)
+ */
+ public X509Certificate getPublicKeyParamsAsCert(X509Certificate cert) {
+ return null;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java
new file mode 100644
index 000000000..c204eface
--- /dev/null
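Review bot: `getPublicKeyParamsAsSpec()` and `getPublicKeyParamsAsCert()` both return null unconditionally, and their Javadoc is only an `@see` tag. A line such as `@return always <code>null</code>; no public key parameters are taken from the MOA configuration` on each would show that this is deliberate and not an unfinished stub. Whether the path validation accepts null here for certificates whose key parameters are inherited from the issuer cannot be seen from this hunk and is worth confirming.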
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java 
@@ -0,0 +1,127 @@
+package at.gv.egovernment.moa.spss.server.iaik.pki;
+
+import iaik.pki.PKIProfile;
+import iaik.pki.pathvalidation.ValidationProfile;
+import iaik.pki.revocation.RevocationProfile;
+import iaik.pki.store.truststore.TrustStoreProfile;
+
+import at.gv.egovernment.moa.util.BoolUtils;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.iaik.pki.pathvalidation.ValidationProfileImpl;
+import at.gv.egovernment.moa.spss.server.iaik.pki.revocation.RevocationProfileImpl;
+import at.gv.egovernment.moa.spss.server.iaik.pki.store.truststore.TrustStoreProfileImpl;
+
+/**
+ * Implementation of the <code>PKIProfile</code> interface containing
+ * information needed for certificate path validation. It uses configuration
+ * data from the MOA configuration.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class PKIProfileImpl implements PKIProfile {
+
+ /** Profile information for revocation checking. */
+ private RevocationProfile revocationProfile;
+ /** Profile information about the trust profile to use. */
+ private TrustStoreProfile trustStoreProfile;
+ /** Profile information about the certificate validation. */
+ private ValidationProfile validationProfile;
+ /** The <code>ConfigurationProvider</code> to read the MOA configuration data
+ * from. */
+ private ConfigurationProvider config;
+
+ /**
+ * Create a new <code>PKIProfileImpl</code>.
+ *
+ * @param config The MOA configuration providing configuration data about
+ * certificate path validation.
+ * @param trustProfileID The trust profile ID denoting the location of the
+ * trust store.
+ * @throws MOAApplicationException An error occurred building the profile.
+ */
+ public PKIProfileImpl(ConfigurationProvider config, String trustProfileID)
+ throws MOAApplicationException {
+
+ this.config = config;
+ setRevocationProfile(new RevocationProfileImpl(config));
+ setTrustStoreProfile(new TrustStoreProfileImpl(config, trustProfileID));
+ setValidationProfile(new ValidationProfileImpl(config));
+ }
+
+ /**
+ * @see iaik.pki.PKIProfile#autoAddCertificates()
+ */
+ public boolean autoAddCertificates() {
+ String boolStr =
+ config.getGenericConfiguration(
+ ConfigurationProvider.AUTO_ADD_CERTIFICATES_PROPERTY,
+ "true");
+ boolean boolValue = BoolUtils.valueOf(boolStr);
+
+ return useAuthorityInfoAccess() ? true : boolValue;
+ }
+
+ /**
+ * @see iaik.pki.PKIProfile#getRevocationProfile()
+ */
+ public RevocationProfile getRevocationProfile() {
+ return revocationProfile;
+ }
+
+ /**
+ * Sets the <code>RevocationProfile</code>.
+ *
+ * @param revocationProfile The <code>RevocationProfile</code> used for
+ * revocation checking.
+ */
+ protected void setRevocationProfile(RevocationProfile revocationProfile) {
+ this.revocationProfile = revocationProfile;
+ }
+
+ /**
+ * @see iaik.pki.PKIProfile#getTrustStoreProfile()
+ */
+ public TrustStoreProfile getTrustStoreProfile() {
+ return trustStoreProfile;
+ }
+
+ /**
+ * Sets the <code>TrustStoreProfile</code>.
+ *
+ * @param trustStoreProfile The <code>TrustStoreProfile</code>.
+ */
+ protected void setTrustStoreProfile(TrustStoreProfile trustStoreProfile) {
+ this.trustStoreProfile = trustStoreProfile;
+ }
+
+ /**
+ * @see iaik.pki.PKIProfile#getValidationProfile()
+ */
+ public ValidationProfile getValidationProfile() {
+ return validationProfile;
+ }
+
+ /**
+ * Sets the <code>ValidationProfile</code>.
+ *
+ * @param validationProfile The <code>ValidationProfile</code> to set.
+ */
+ protected void setValidationProfile(ValidationProfile validationProfile) {
+ this.validationProfile = validationProfile;
+ }
+
+ /**
+ * @see iaik.pki.PKIProfile#useAuthorityInfoAccess()
+ */
+ public boolean useAuthorityInfoAccess() {
+ String boolStr =
+ config.getGenericConfiguration(
+ ConfigurationProvider.USE_AUTHORITY_INFO_ACCESS_PROPERTY,
+ "true");
+ return BoolUtils.valueOf(boolStr);
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java
new file mode 100644
index 000000000..3327b3a50
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/pki/pathvalidation/ValidationProfileImpl.java
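Review bot: `autoAddCertificates()` ends with `return useAuthorityInfoAccess() ? true : boolValue;`, so an explicit `false` for the auto-add property is silently overridden whenever authority info access is on, and both properties default to `"true"`. With those defaults a validation run presumably follows issuer locations named in the certificate under test and stores what it retrieves, which means outbound requests and certificate-store growth driven by untrusted input unless the operator opts out of both settings. I would default both properties to `"false"`, or at least document the coupling in the Javadoc: `Returns true whenever useAuthorityInfoAccess() is true, regardless of the configured value.` The expression also reads more simply as `return useAuthorityInfoAccess() || boolValue;`.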
@@ -0,0 +1,113 @@
+package at.gv.egovernment.moa.spss.server.iaik.pki.pathvalidation;
+
+import iaik.pki.pathvalidation.ValidationProfile;
+
+import at.gv.egovernment.moa.util.BoolUtils;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+import java.util.Collections;
+import java.util.Set;
+
+/**
+ * An implementation of the <code>ValidationProfile</code> interface providing
+ * information about certificat path validation.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ValidationProfileImpl implements ValidationProfile {
+
+ /** The <code>ConfigurationProvider</code> to read the configuration data
+ * from. */
+ private ConfigurationProvider config;
+ private boolean initialAnyPolicyInhibit;
+ private boolean initialExplicitPolicy;
+ private boolean initialPolicyMappingInhibit;
+ private Set initialPolicySet;
+ private boolean nameConstraintsProcessing;
+ private boolean policyProcessing;
+
+ /**
+ * Create a new <code>ValidationProfileImpl</code> object.
+ *
+ * This objects's fields are preset to the following values:
+ *
+ * <ul>
+ * <li><code>initialAnyPolicyInhibit = true</code></li>
+ * <li><code>initialExplicitPoliy = true</code></li>
+ * <li><code>initialPolicyMappingInhibit = true</code></li>
+ * <li><code>initialPolicySet = empty</code></li>
+ * <li><code>policyProcessing = false</code></li>
+ * <li><code>nameConstraintsProcessing = false</code></li>
+ * <li><code>revocationChecking = false</code></li>
+ * </ul>
+ *
+ * @param config MOA configuration data for additional configuration
+ * information (currently unused).
+ */
+ public ValidationProfileImpl(ConfigurationProvider config) {
+ this.config = config;
+ initialAnyPolicyInhibit = true;
+ initialExplicitPolicy = true;
+ initialPolicyMappingInhibit = true;
+ initialPolicySet = Collections.EMPTY_SET;
+ policyProcessing = false;
+ nameConstraintsProcessing = false;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationProfile#getInitialAnyPolicyInhibit()
+ */
+ public boolean getInitialAnyPolicyInhibit() {
+ return initialAnyPolicyInhibit;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationProfile#getInitialExplicitPolicy()
+ */
+ public boolean getInitialExplicitPolicy() {
+ return initialExplicitPolicy;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationProfile#getInitialPolicyMappingInhibit()
+ */
+ public boolean getInitialPolicyMappingInhibit() {
+ return initialPolicyMappingInhibit;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationProfile#getInitialPolicySet()
+ */
+ public Set getInitialPolicySet() {
+ return initialPolicySet;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationProfile#getPolicyProcessing()
+ */
+ public boolean getPolicyProcessing() {
+ return policyProcessing;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationProfile#getNameConstraintsProcessing()
+ */
+ public boolean getNameConstraintsProcessing() {
+ return nameConstraintsProcessing;
+ }
+
+ /**
+ * @see iaik.pki.pathvalidation.ValidationProfile#getRevocationChecking()
+ */
+ public boolean getRevocationChecking() {
+ String checkingStr =
+ config.getGenericConfiguration(
+ ConfigurationProvider.REVOCATION_CHECKING_PROPERTY,
+ "false");
+
+ return BoolUtils.valueOf(checkingStr);
+ }
+
+}
\ No newline at end of file
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java
new file mode 100644
index 000000000..186d24934
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/pki/revocation/RevocationProfileImpl.java
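Review bot: The constructor hard-codes `nameConstraintsProcessing = false` and `policyProcessing = false`, and `getRevocationChecking()` falls back to `"false"`, so an unconfigured installation accepts a chain without checking revocation status and without honouring name constraints set on intermediate CAs. For a signature verification service the safer fallback is `ConfigurationProvider.REVOCATION_CHECKING_PROPERTY, "true");`, and name constraints processing should be on or at least configurable; if the current values are intentional, the class Javadoc should say why. The constructor Javadoc also lists `revocationChecking = false` as a preset field although no such field exists, misspells `initialExplicitPoliy`, and calls `config` "currently unused" although `getRevocationChecking()` reads it.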
@@ -0,0 +1,65 @@
+package at.gv.egovernment.moa.spss.server.iaik.pki.revocation;
+
+import java.security.cert.X509Certificate;
+
+import iaik.pki.revocation.RevocationProfile;
+import iaik.pki.revocation.RevocationSourceTypes;
+
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+/**
+ * An implementation of the <code>RevocationProfile</code> interface providing
+ * information about revocation status checking, based on MOA configuration
+ * data.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class RevocationProfileImpl implements RevocationProfile {
+ /** The default service order. */
+ private static final String[] DEFAULT_SERVICE_ORDER =
+ { RevocationSourceTypes.CRL };
+ /** The <code>ConfigurationProvider</code> to read the MOA configuration data
+ * from. */
+ private ConfigurationProvider config;
+ /** The OCSP request hash algorithm. */
+ private String oCSPRequestHashAlgorithm;
+
+ /**
+ * Create a new <code>RevocationProfileImpl</code>.
+ *
+ * @param config The MOA configuration data.
+ */
+ public RevocationProfileImpl(ConfigurationProvider config) {
+ this.config = config;
+ this.oCSPRequestHashAlgorithm = "";
+ }
+
+ /**
+ * @see iaik.pki.revocation.RevocationProfile#getMaxRevocationAge(String)
+ */
+ public long getMaxRevocationAge(String distributionPointUri) {
+ String maxRevocationAgeStr =
+ config.getGenericConfiguration(
+ ConfigurationProvider.MAX_REVOCATION_AGE_PROPERTY,
+ "0");
+ long revocationAge = Long.parseLong(maxRevocationAgeStr);
+
+ return revocationAge;
+ }
+
+ /**
+ * @see iaik.pki.revocation.RevocationProfile#getOCSPRequestHashAlgorithm()
+ */
+ public String getOCSPRequestHashAlgorithm() {
+ return oCSPRequestHashAlgorithm;
+ }
+
+ /**
+ * @see iaik.pki.revocation.RevocationProfile#getPreferredServiceOrder(java.security.cert.X509Certificate)
+ */
+ public String[] getPreferredServiceOrder(X509Certificate cert) {
+ return DEFAULT_SERVICE_ORDER;
+ }
+
+}
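Review bot: `getMaxRevocationAge()` passes the configured string straight to `Long.parseLong`, so a malformed or empty value surfaces as a NumberFormatException in the middle of a revocation check rather than as a configuration error at startup. Parsing and range-checking the value once in the constructor would report a bad setting where an operator can see it. `getPreferredServiceOrder()` returns the shared static array itself; `return (String[]) DEFAULT_SERVICE_ORDER.clone();` stops a caller from changing the order for every later validation. The Javadoc should also state what the fallback `"0"` means for the age limit, since that cannot be told from this hunk.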
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java
new file mode 100644
index 000000000..8a1161b95
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/pki/store/truststore/TrustStoreProfileImpl.java
@@ -0,0 +1,119 @@
+package at.gv.egovernment.moa.spss.server.iaik.pki.store.truststore;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import iaik.pki.store.truststore.TrustStoreProfile;
+import iaik.pki.store.truststore.TrustStoreTypes;
+import iaik.servertools.observer.NotificationData;
+import iaik.servertools.observer.Observer;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.config.TrustProfile;
+
+/**
+ * An implementation of the <code>TrustStoreProfile</code> interface, using data
+ * from the MOA configuration.
+ *
+ * @see iaik.pki.store.truststore.TrustStoreProfile
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class TrustStoreProfileImpl implements TrustStoreProfile {
+
+ /** The observers of this profile. */
+ private List observers = new ArrayList();
+ /** The type of the trust profile. */
+ private String type;
+ /** The URI of the trust profile.*/
+ private String URI;
+
+ /**
+ * Create a new <code>TrustStoreProfileImpl</code>.
+ *
+ * @param config The MOA configuration data, from which trust store
+ * configuration data is read.
+ * @param trustProfileId The trust profile id on which this
+ * <code>TrustStoreProfile</code> is based.
+ * @throws MOAApplicationException The <code>trustProfileId</code> could not
+ * be found in the MOA configuration.
+ */
+ public TrustStoreProfileImpl(
+ ConfigurationProvider config,
+ String trustProfileId)
+ throws MOAApplicationException {
+
+ TrustProfile tp = (TrustProfile) config.getTrustProfile(trustProfileId);
+ if (tp != null) {
+ setURI(tp.getUri());
+ setType(TrustStoreTypes.DIRECTORY);
+ } else {
+ throw new MOAApplicationException(
+ "2203",
+ new Object[] { trustProfileId });
+ }
+ }
+
+ /**
+ * @see iaik.pki.store.truststore.TrustStoreProfile#getType()
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * Sets the the trust store type.
+ *
+ * @param type The trust store type to set.
+ */
+ protected void setType(String type) {
+ this.type = type;
+ }
+
+ /**
+ * @see iaik.pki.store.truststore.TrustStoreProfile#getURI()
+ */
+ public String getURI() {
+ return URI;
+ }
+
+ /**
+ * Sets the trust store URI.
+ *
+ * @param URI The trust store URI to set.
+ */
+ protected void setURI(String URI) {
+ this.URI = URI;
+ }
+
+ //
+ // Methods of iaik.utils.observer.Observable interface
+ //
+
+ /**
+ * @see iaik.utils.observer.Observable#addObserver(Observer)
+ */
+ public void addObserver(Observer observer) {
+ observers.add(observer);
+ }
+
+ /**
+ * @see iaik.utils.observer.Observable#removeObserver(Observer)
+ */
+ public boolean removeObserver(Observer observer) {
+ return observers.remove(observer);
+ }
+
+ /**
+ * @see iaik.utils.observer.Observable#notify(NotificationData)
+ */
+ public void notify(NotificationData notificationData) {
+ for (Iterator iter = observers.iterator(); iter.hasNext();) {
+ Observer observer = (Observer) iter.next();
+ observer.notify(notificationData);
+ }
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java
new file mode 100644
index 000000000..e076fe1eb
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/Base64TransformationImpl.java
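Review bot: The Javadoc on `addObserver`, `removeObserver` and `notify`, and the section comment above them, point to `iaik.utils.observer.Observable`, while the file imports `Observer` and `NotificationData` from `iaik.servertools.observer`; the `@see` targets should name the package the code actually compiles against. `observers` is a plain `ArrayList` and `notify()` iterates it directly, so an observer that removes itself while being notified would trigger a ConcurrentModificationException; iterating over a snapshot, `new ArrayList(observers).iterator()`, avoids that. The constructor also stores `tp.getUri()` unchecked, so a trust profile without a URI only fails later when the store is opened.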
@@ -0,0 +1,43 @@
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import iaik.server.modules.xml.Base64Transformation;
+
+/**
+ * An implementation of the <code>Base64Transformation</code>
+ * <code>Transformation</code> type.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class Base64TransformationImpl
+ extends TransformationImpl
+ implements Base64Transformation {
+
+ /**
+ * Create a new <code>Base64TransformationImpl</code>.
+ *
+ * @see java.lang.Object#Object()
+ */
+ public Base64TransformationImpl() {
+ setAlgorithmURI(Base64Transformation.BASE64_DECODING);
+ }
+
+ /**
+ * Compare this <code>Base64Transformation</code> to another.
+ *
+ * @param other The object to compare this<code>Base64Transformation</code>
+ * to.
+ * @return <code>true</code>, if <code>other</code> is a
+ * <code>Base64Transformation</code> and the algorithm URIs match, otherwise
+ * <code>false</code>.
+ * @see java.lang.Object#equals(Object)
+ */
+ public boolean equals(Object other) {
+ if (other instanceof Base64Transformation) {
+ Base64Transformation transform = (Base64Transformation) other;
+ return getAlgorithmURI().equals(transform.getAlgorithmURI());
+ }
+ return false;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java
new file mode 100644
index 000000000..921b10cb6
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/ByteArrayDataObjectImpl.java
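Review bot: `equals()` is overridden without `hashCode()`, so two transformations that compare equal can end up in different hash buckets unless `TransformationImpl` (not visible here) supplies a matching `hashCode()`; the same applies to `CanonicalizationImpl`, `EnvelopedSignatureTransformationImpl` and `ExclusiveCanonicalizationImpl` later in this commit. Adding `public int hashCode() { return getAlgorithmURI().hashCode(); }` to each keeps the contract. `equals()` also dereferences `getAlgorithmURI()` without a null check, which matters most for `CanonicalizationImpl`, whose constructor accepts whatever string it is given.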
@@ -0,0 +1,54 @@
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+
+import iaik.server.modules.xml.BinaryDataObject;
+
+/**
+ * A <code>BinaryDataObject</code> encapsulating Base64 data.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ByteArrayDataObjectImpl
+ extends DataObjectImpl
+ implements BinaryDataObject {
+
+ /** The binary data contained in this <code>BinaryDataObject</code>. */
+ private byte[] bytes;
+
+ /**
+ * Create a new <code>ByteArrayDataObjectImpl</code>.
+ *
+ * @param bytes The binary data contained in this
+ * <code>BinaryDataObject</code>.
+ */
+ public ByteArrayDataObjectImpl(byte[] bytes) {
+ setBytes(bytes);
+ }
+
+ /**
+ * Set the Base64 data.
+ *
+ * @param bytes The binary data contained in this
+ * <code>BinaryDataObject</code>.
+ */
+ public void setBytes(byte[] bytes) {
+ this.bytes = bytes;
+ }
+
+ /**
+ * Return the binary data encoded in the Base64 <code>String</code> as a
+ * stream.
+ *
+ * @return The binary data contained in this object, as a
+ * <code>InputStream</code>. Repeated calls to this function will return a
+ * new stream to the Base64 data.
+ * @see iaik.server.modules.xml.BinaryDataObject#getInputStream()
+ */
+ public InputStream getInputStream() {
+ return new ByteArrayInputStream(bytes);
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java
new file mode 100644
index 000000000..ce400e61a
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/ByteStreamDataObjectImpl.java
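Review bot: The constructor and `setBytes()` keep the caller's array by reference, so the content can change between construction and the moment the data is read for digesting; if these objects carry data to be signed or verified, `this.bytes = (byte[]) bytes.clone();` behind a null check pins what was passed in. A null array is accepted silently and only fails later inside `getInputStream()`. The Javadoc switches between "Base64 data" and "binary data" for the same field and should say once whether `bytes` holds decoded bytes or Base64 text.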
@@ -0,0 +1,49 @@
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import java.io.InputStream;
+
+import iaik.server.modules.xml.BinaryDataObject;
+
+/**
+ * A <code>BinaryDataObject</code> encapsulating binary data from a stream.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class ByteStreamDataObjectImpl
+ extends DataObjectImpl
+ implements BinaryDataObject {
+
+ /** The <code>InputStream</code> containing the binary data. */
+ private InputStream inputStream;
+
+ /**
+ * Create a new <code>ByteStreamDataObjectImpl</code>.
+ *
+ * @param inputStream The stream from which to read the binary data.
+ */
+ public ByteStreamDataObjectImpl(InputStream inputStream) {
+ setInputStream(inputStream);
+ }
+
+ /**
+ * Set the input stream from which to read the binary data.
+ *
+ * @param inputStream The input stream from which to read the binary data.
+ */
+ public void setInputStream(InputStream inputStream) {
+ this.inputStream = inputStream;
+ }
+
+ /**
+ * Return the binary data from this object as a stream.
+ *
+ * @return The stream containing the binary data. Calling this function
+ * repeatedly will always return the same <code>InputStream</code>.
+ * @see iaik.server.modules.xml.BinaryDataObject#getInputStream()
+ */
+ public InputStream getInputStream() {
+ return inputStream;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java
new file mode 100644
index 000000000..a597b214d
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/CanonicalizationImpl.java
@@ -0,0 +1,43 @@
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import iaik.server.modules.xml.Canonicalization;
+
+/**
+ * An implementation of the <code>CanonicalizationTransform</code>
+ * <code>Transformation</code> type.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class CanonicalizationImpl
+ extends TransformationImpl
+ implements Canonicalization {
+
+ /**
+ * Create a new <code>CanonicalizationTransformImpl</code> object.
+ *
+ * @param algorithmURI The canonicalization algorithm URI.
+ */
+ public CanonicalizationImpl(String algorithmURI) {
+ setAlgorithmURI(algorithmURI);
+ }
+
+ /**
+ * Compare this object to another <code>Canonicalization</code>.
+ *
+ * @param other The object to compare this
+ * <code>Canonicalization</code> to.
+ * @return <code>true</code>, if <code>other</code> is a
+ * <code>Canonicalization</code> and the algorithm URIs match, otherwise
+ * <code>false</code>.
+ * @see java.lang.Object#equals(Object)
+ */
+ public boolean equals(Object other) {
+ if (other instanceof Canonicalization) {
+ Canonicalization c14n = (Canonicalization) other;
+ return getAlgorithmURI().equals(c14n.getAlgorithmURI());
+ }
+ return false;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java
new file mode 100644
index 000000000..875d82613
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/DataObjectImpl.java
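Review bot: The Javadoc names types that do not match the code: the class comment says `CanonicalizationTransform` and the constructor comment says `CanonicalizationTransformImpl`, while the class is `CanonicalizationImpl` implementing `Canonicalization`. I would change them to `An implementation of the <code>Canonicalization</code> <code>Transformation</code> type.` and `Create a new <code>CanonicalizationImpl</code> object.` The constructor passes `algorithmURI` on unchecked, so documenting that it must not be null (or rejecting null there) would prevent the later NullPointerException in `equals()`.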
@@ -0,0 +1,87 @@
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import iaik.server.modules.xml.DataObject;
+
+/**
+ * Abstract base implementation for the classes derived from
+ * <code>DataObject</code>.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public abstract class DataObjectImpl implements DataObject {
+
+ /** The MIME type of the data object. */
+ private String mimeType;
+ /** The refernce ID. */
+ private String referenceID;
+ /** The URI of the type. */
+ private String typeURI;
+ /** The URI identifying the data. */
+ private String URI;
+
+ /**
+ * @see iaik.server.modules.xml.DataObject#getMimeType()
+ */
+ public String getMimeType() {
+ return mimeType;
+ }
+
+ /**
+ * Set the mime type.
+ *
+ * @param mimeType The mime type to set.
+ */
+ public void setMimeType(String mimeType) {
+ this.mimeType = mimeType;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.DataObject#getReferenceID()
+ */
+ public String getReferenceID() {
+ return referenceID;
+ }
+
+ /**
+ * Set the reference ID.
+ *
+ * @param referenceID The reference ID.
+ */
+ public void setReferenceID(String referenceID) {
+ this.referenceID = referenceID;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.DataObject#getTypeURI()
+ */
+ public String getTypeURI() {
+ return typeURI;
+ }
+
+ /**
+ * Set the type URI.
+ *
+ * @param typeURI The type URI.
+ */
+ public void setTypeURI(String typeURI) {
+ this.typeURI = typeURI;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.DataObject#getURI()
+ */
+ public String getURI() {
+ return URI;
+ }
+
+ /**
+ * Set the URI.
+ *
+ * @param URI The URI.
+ */
+ public void setURI(String URI) {
+ this.URI = URI;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java
new file mode 100644
index 000000000..41a47d0a1
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/EnvelopedSignatureTransformationImpl.java
@@ -0,0 +1,42 @@
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import iaik.server.modules.xml.EnvelopedSignatureTransformation;
+
+/**
+ * An implementation of the <code>EnvelopedSignatureTransformation</code>
+ * <code>Transformation</code> type.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class EnvelopedSignatureTransformationImpl
+ extends TransformationImpl
+ implements EnvelopedSignatureTransformation {
+
+ /**
+ * Create a new <code>EnvelopedSignatureTransformationImpl</code>.
+ */
+ public EnvelopedSignatureTransformationImpl() {
+ setAlgorithmURI(EnvelopedSignatureTransformation.ENVELOPED_SIGNATURE);
+ }
+
+ /**
+ * Compare this object to another <code>EnvelopedSignatureTransformation</code>.
+ *
+ * @param other The object to compare this
+ * <code>EnvelopedSignatureTransformation</code> to.
+ * @return <code>true</code>, if <code>other</code> is a
+ * <code>EnvelopedSignatureTransformation</code>, otherwise
+ * <code>false</code>.
+ * @see java.lang.Object#equals(Object)
+ */
+ public boolean equals(Object other) {
+ if (other instanceof EnvelopedSignatureTransformation) {
+ EnvelopedSignatureTransformation transform =
+ (EnvelopedSignatureTransformation) other;
+ return getAlgorithmURI().equals(transform.getAlgorithmURI());
+ }
+ return false;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java
new file mode 100644
index 000000000..f50d0d9b1
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/ExclusiveCanonicalizationImpl.java
@@ -0,0 +1,71 @@ +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import java.util.List; + +import iaik.server.modules.xml.ExclusiveCanonicalization; + +/** + * An implementation of the <code>ExclusiveCanonicalization</code> type + * of <code>Transformation</code>. + * + * @author Patrick Peck + * @version $Id$ + */ +public class ExclusiveCanonicalizationImpl + extends TransformationImpl + implements ExclusiveCanonicalization { + + /** The prefixes of the namespaces to treat according to canonical XML. */ + private List inclusiveNamespacePrefixes; + + /** + * Create a new <code>ExclusiveCanonicalizationImpl</code> object. + * + * @param algorithmURI The exclusive canonicalization algorithm URI. + * @param inclusiveNamespacePrefixes The namespace prefixes to be processed + * according to canonical XML. + */ + public ExclusiveCanonicalizationImpl( + String algorithmURI, + List inclusiveNamespacePrefixes) { + setAlgorithmURI(algorithmURI); + setInclusiveNamespacePrefixes(inclusiveNamespacePrefixes); + } + + /** + * Sets the namespace prefixes to be processed according to canonical XML. + * + * @param inclusiveNamespacePrefixes The prefixes of the namespaces to treat + * according to canonical XML. + */ + protected void setInclusiveNamespacePrefixes(List inclusiveNamespacePrefixes) { + this.inclusiveNamespacePrefixes = inclusiveNamespacePrefixes; + } + + /** + * @see iaik.server.modules.xml.ExclusiveCanonicalization#getInclusiveNamespacePrefixes() + */ + public List getInclusiveNamespacePrefixes() { + return inclusiveNamespacePrefixes; + } + + /** + * Compare this object to another <code>CanonicalizationTransform</code>. + * + * @param other The object to compare this + * <code>ExclusiveCanonicalization</code> to. + * @return <code>true</code>, if <code>other</code> is a + * <code>ExclusiveCanonicalization</code> and the algorithm URIs match, + * otherwise <code>false</code>. 
+ * @see java.lang.Object#equals(Object) + */ + public boolean equals(Object other) { + if (other instanceof ExclusiveCanonicalizationImpl) { + ExclusiveCanonicalizationImpl c14n = + (ExclusiveCanonicalizationImpl) other; + return getAlgorithmURI().equals(c14n.getAlgorithmURI()); + } + return false; + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java new file mode 100644 index 000000000..19ca3dadf --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/SigningTimeImpl.java @@ -0,0 +1,34 @@ +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import java.util.Date; + +import iaik.server.modules.xml.SigningTime; + +/** + * An implementation of the <code>SigningTime</code> <code>Property</code>. + * + * @author Patrick Peck + * @version $Id$ + */ +public class SigningTimeImpl implements SigningTime { + + /** The signing time. */ + private Date signingTime; + + /** + * Create a new <code>SigningTimeImpl</code>. + * + * @param signingTime The signing time. + */ + public SigningTimeImpl(Date signingTime) { + this.signingTime = signingTime; + } + + /** + * @see iaik.server.modules.xml.SigningTime#getSigningTime() + */ + public Date getSigningTime() { + return signingTime; + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java new file mode 100644 index 000000000..59a414b69 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/TransformationImpl.java 
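Review bot: `equals` in ExclusiveCanonicalizationImpl compares only the algorithm URI, so two instances with different `inclusiveNamespacePrefixes` are equal even though that list changes the bytes the canonicalization produces. The same gap is in the later hunks for XPath2FilterImpl and XPathTransformationImpl, whose `equals` compare the expression text but not `namespaceDeclarations`, so one XPath bound to different namespace URIs also compares equal. If these comparisons are used to match the transforms of a signature against an expected set (the callers are not visible here), a transform chain that digests different data than the expected one would be accepted as a match. Include the field in each comparison with a null-safe test, here `&& (inclusiveNamespacePrefixes == null ? c14n.getInclusiveNamespacePrefixes() == null : inclusiveNamespacePrefixes.equals(c14n.getInclusiveNamespacePrefixes()))`; the inherited `hashCode` stays consistent with the stricter `equals`.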
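Review bot: The constructor and `getSigningTime()` in SigningTimeImpl store and hand out the caller's `Date` object itself, and `java.util.Date` is mutable, so any code holding either reference can change the signing time after the property was created. Copy the value on the way in and on the way out: `this.signingTime = new Date(signingTime.getTime());` and `return new Date(signingTime.getTime());`. With the copy a null argument fails in the constructor instead of later, which the constructor Javadoc should state.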
@@ -0,0 +1,43 @@
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import iaik.server.modules.xml.Transformation;
+
+/**
+ * Base implementation class for <code>Transformation</code> derived classes.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public abstract class TransformationImpl implements Transformation {
+
+ /** The algorithm URI identifying the transformation algorithm. */
+ private String algorithmURI;
+
+ /**
+ * @see iaik.server.modules.xml.Transformation#getAlgorithmURI()
+ */
+ public String getAlgorithmURI() {
+ return algorithmURI;
+ }
+
+ /**
+ * Sets the algorithm URI.
+ *
+ * @param algorithmURI The algorithm URI to set.
+ */
+ protected void setAlgorithmURI(String algorithmURI) {
+ this.algorithmURI = algorithmURI;
+ }
+
+ /**
+ * Returns the hash code of the algorithm URI. Should be overridden if a
+ * transformation distinguishes itself from others by more than just the
+ * algorithm URI.
+ *
+ * @see java.lang.Object#hashCode()
+ */
+ public int hashCode() {
+ return getAlgorithmURI().hashCode();
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java
new file mode 100644
index 000000000..bc31d694e
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XMLDataObjectImpl.java
@@ -0,0 +1,46 @@
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import org.w3c.dom.Element;
+
+import iaik.server.modules.xml.XMLDataObject;
+
+/**
+ * A <code>DataObject</code> containing a single DOM element.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XMLDataObjectImpl
+ extends DataObjectImpl
+ implements XMLDataObject {
+
+ /** The XML data contained in this <code>XMLDataObject</code>. */
+ private Element element;
+
+ /**
+ * Create a new <code>XMLDataObjectImpl</code>.
+ *
+ * @param element The DOM element contained in this
+ * <code>XMLDataObject</code>.
+ */
+ public XMLDataObjectImpl(Element element) {
+ setElement(element);
+ }
+
+ /**
+ * @see iaik.server.modules.xml.XMLDataObject#getElement()
+ */
+ public Element getElement() {
+ return element;
+ }
+
+ /**
+ * Set the DOM element contained in this <code>XMLDataObject</code>.
+ *
+ * @param element The DOM element to set.
+ */
+ public void setElement(Element element) {
+ this.element = element;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java
new file mode 100644
index 000000000..c855a922a
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XMLNodeListDataObjectImpl.java
@@ -0,0 +1,47 @@
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import org.w3c.dom.NodeList;
+
+import iaik.server.modules.xml.XMLNodeListDataObject;
+
+/**
+ * A <code>DataObject</code> containing a list of DOM nodes.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XMLNodeListDataObjectImpl
+ extends DataObjectImpl
+ implements XMLNodeListDataObject {
+
+ /** The nodes contained in this <code>XMLNodeListDataObject</code>. */
+ private NodeList nodeList;
+
+ /**
+ * Create a new <code>XMLNodeListDataObjectImpl</code>.
+ *
+ * @param nodeList The list of DOM nodes contained in this
+ * <code>XMLNodeListDataObject</code>.
+ */
+ public XMLNodeListDataObjectImpl(NodeList nodeList) {
+ setNodeList(nodeList);
+ }
+
+ /**
+ * Set the list of DOM nodes contained in this
+ * <code>XMLNodeListDataObject</code>.
+ *
+ * @param nodeList The list of DOM nodes to set.
+ */
+ public void setNodeList(NodeList nodeList) {
+ this.nodeList = nodeList;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.XMLNodeListDataObject#getNodeList()
+ */
+ public NodeList getNodeList() {
+ return nodeList;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java
new file mode 100644
index 000000000..4fca907f3
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XMLSignatureImpl.java
@@ -0,0 +1,43 @@
+package at.gv.egovernment.moa.spss.server.iaik.xml;
+
+import org.w3c.dom.Element;
+
+import iaik.server.modules.xml.XMLSignature;
+
+/**
+ * An object containing an XMLDsig signature in the form of a
+ * <code>dsig:Signature</code> DOM element.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XMLSignatureImpl implements XMLSignature {
+ /** The signature DOM element. */
+ private Element element;
+
+ /**
+ * Create a new <code>XMLSignatureImpl</code>.
+ *
+ * @param element The <code>dsig:Signature</code> DOM element.
+ */
+ public XMLSignatureImpl(Element element) {
+ setElement(element);
+ }
+
+ /**
+ * Set the <code>dsig:Signature</code> DOM element.
+ *
+ * @param element The <code>dsig:Signature</code> element to set.
+ */
+ public void setElement(Element element) {
+ this.element = element;
+ }
+
+ /**
+ * @see iaik.server.modules.xml.XMLSignature#getElement()
+ */
+ public Element getElement() {
+ return element;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java
new file mode 100644
index 000000000..034d4b653
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2FilterImpl.java
@@ -0,0 +1,116 @@ +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import java.util.Map; + +import iaik.server.modules.xml.XPath2Transformation; +import iaik.server.modules.xml.XPath2Transformation.XPath2Filter; + +/** + * An object encapsulating an XPath-Filter2 expression. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XPath2FilterImpl implements XPath2Filter { + + /** The type of this filter. */ + private String filterType; + /** The XPath expression of this filter. */ + private String xPathExpression; + /** The namespace prefix to URI mapping to use for evaluating the XPath. */ + private Map namespaceDeclarations; + + /** + * Create a new <code>XPath2FilterImpl</code> object. + * + * @param filterType The type of filter. Must be one of the filter type + * constants declared in <code>iaik.server.modules.xml.XPath2Transformation.XPath2Filter</code> + * @param xPathExpression The XPath expression belonging to this filter. + * @param namespaceDeclarations The namespace declarations visible for this + * XPath2Filter. + */ + public XPath2FilterImpl( + String filterType, + String xPathExpression, + Map namespaceDeclarations) { + + setFilterType(filterType); + setXPathExpression(xPathExpression); + setNamespaceDeclarations(namespaceDeclarations); + } + + /** + * @see iaik.server.modules.xml.XPath2Transformation.XPath2Filter#getFilterType() + */ + public String getFilterType() { + return filterType; + } + + /** + * Set the filter type. + * + * @param filterType The filter type to set. + */ + protected void setFilterType(String filterType) { + this.filterType = filterType; + } + + /** + * @see iaik.server.modules.xml.XPath2Transformation.XPath2Filter#getXPathExpression() + */ + public String getXPathExpression() { + return xPathExpression; + } + + /** + * Set the XPath expression. + * + * @param xPathExpression The XPath expression to set. 
+ */ + protected void setXPathExpression(String xPathExpression) { + this.xPathExpression = xPathExpression; + } + + /** + * @see iaik.server.modules.xml.XPath2Transformation.XPath2Filter#getNamespaceDeclarations() + */ + public Map getNamespaceDeclarations() { + return namespaceDeclarations; + } + + /** + * Set the namespace declarations. + * + * @param namespaceDeclarations The mapping between namespace prefixes and + * their associated URI. + */ + protected void setNamespaceDeclarations(Map namespaceDeclarations) { + this.namespaceDeclarations = namespaceDeclarations; + } + + /** + * Compare this object to another. + * + * @param other The object to compare this <code>XPath2Filter</code> to. + * @return <code>true</code>, if <code>other</code> is a + * <code>XPath2Filter</code> and the filter types match and the XPath + * expressions match. Otherwise <code>false</code> is returned. + * @see java.lang.Object#equals(java.lang.Object) + */ + public boolean equals(Object other) { + if (other instanceof XPath2Transformation.XPath2Filter) { + XPath2Filter filter = (XPath2Transformation.XPath2Filter) other; + return getFilterType().equals(filter.getFilterType()) + && getXPathExpression().equals(filter.getXPathExpression()); + } + return false; + } + + /** + * @see java.lang.Object#hashCode() + */ + public int hashCode() { + return getXPathExpression().hashCode() * 31 + getFilterType().hashCode(); + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java new file mode 100644 index 000000000..c7496c2cd --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XPath2TransformationImpl.java 
@@ -0,0 +1,82 @@ +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; + +import iaik.server.modules.xml.XPath2Transformation; + +/** + * An object encapsulating a <code>Transformation</code> containing several + * XPath-Filter2 expressions. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XPath2TransformationImpl + extends TransformationImpl + implements XPath2Transformation { + + /** The filters contained in this <code>XPath2Transformation</code> */ + private List xPathFilters = new ArrayList(); + + /** + * Create a new <code>XPath2TransformationImpl</code>. + * + * The list of XPath-Filter2 expression is initially empty. + */ + public XPath2TransformationImpl() { + setAlgorithmURI(XPath2Transformation.XPATH2); + } + + /** + * @see iaik.server.modules.xml.XPath2Transformation#getXPathFilters() + */ + public List getXPathFilters() { + return xPathFilters; + } + + /** + * Add an XPath-Filter2 expression to the list of filters. + * + * @param filter The filter to add. + */ + public void addXPathFilter(XPath2Filter filter) { + xPathFilters.add(filter); + } + + /** + * Compare this <code>XPath2Transformation</code> to another. + * + * @param other The object to compare this + * <code>XPath2Transformation</code> to. + * @return <code>true</code>, if <code>other</code> is an + * <code>XPath2Transformation</code> and <code>getXPathFilters()</code> equals + * <code>other.getXPathFilters()</code>. Otherwise <code>false</code> is + * returned. 
+ * @see java.lang.Object#equals(Object) + */ + public boolean equals(Object other) { + if (other instanceof XPath2Transformation) { + XPath2Transformation transform = (XPath2Transformation) other; + + return getXPathFilters().equals(transform.getXPathFilters()); + } + return false; + } + + /** + * @see java.lang.Object#hashCode() + */ + public int hashCode() { + Iterator iter = getXPathFilters().iterator(); + int hashCode = 0; + + while (iter.hasNext()) { + hashCode ^= iter.next().hashCode(); + } + + return hashCode; + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java new file mode 100644 index 000000000..ccedbadb2 --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XPathTransformationImpl.java 
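Review bot: `getXPathFilters()` in XPath2TransformationImpl returns the internal `ArrayList` itself, so a caller can add or remove filters after the transformation has been compared, hashed or stored in a hash-based collection, and `equals`/`hashCode` then silently change. Unless the consuming module is known to modify the list (not visible here), return a read-only view, `return Collections.unmodifiableList(xPathFilters);`, and keep `addXPathFilter` as the only way to change it. Separately, the XOR fold in `hashCode` makes two identical filters cancel to 0; `getXPathFilters().hashCode()` would agree with the `List.equals` used in `equals` without that effect.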
@@ -0,0 +1,98 @@ +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import java.util.Map; + +import iaik.server.modules.xml.XPathTransformation; + +/** + * A <code>Transformation</code> containing an XPath expression. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XPathTransformationImpl + extends TransformationImpl + implements XPathTransformation { + + /** The XPath expression. */ + private String xPathExpression; + /** The namespace prefix to URI mapping to use for XPath evaluation. */ + private Map namespaceDeclarations; + + /** + * Create a new <code>XPathTransformationImpl</code>. + * + * The namespace declarations are initialized empty. + * + * @param xPathExpression The XPath expression this object will contain. + * @param namespaceDeclarations The namespace declarations visible for this + * XPath. + */ + public XPathTransformationImpl( + String xPathExpression, + Map namespaceDeclarations) { + + setAlgorithmURI(XPathTransformation.XPATH); + setXPathExpression(xPathExpression); + setNamespaceDeclarations(namespaceDeclarations); + } + + /** + * Set the XPath expression. + * + * @param xPathExpression The XPath expression. + */ + protected void setXPathExpression(String xPathExpression) { + this.xPathExpression = xPathExpression; + } + + /** + * @see iaik.server.modules.xml.XPathTransformation#getXPathExpression() + */ + public String getXPathExpression() { + return xPathExpression; + } + + /** + * @see iaik.server.modules.xml.XPathTransformation#getNamespaceDeclarations() + */ + public Map getNamespaceDeclarations() { + return namespaceDeclarations; + } + + /** + * Set the namespace declarations. + * + * @param namespaceDeclarations The mapping between namespace prefixes and + * their associated URI. + */ + protected void setNamespaceDeclarations(Map namespaceDeclarations) { + this.namespaceDeclarations = namespaceDeclarations; + } + + /** + * Compare this <code>XPathTransformation</code> to another. 
+ * + * @param other The object to compare this + * <code>XPathTransformation</code> to. + * @return <code>true</code>, if <code>other</code> is an + * <code>XPathTransformation</code> and if this object contains the same XPath + * expression as <code>other</code>. Otherwise <code>false</code> is returned. + * @see java.lang.Object#equals(Object) + */ + public boolean equals(Object other) { + if (other instanceof XPathTransformation) { + XPathTransformation transform = (XPathTransformation) other; + return getXPathExpression().equals(transform.getXPathExpression()); + } + return false; + } + + /** + * @see java.lang.Object#hashCode() + */ + public int hashCode() { + return getXPathExpression().hashCode(); + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java new file mode 100644 index 000000000..d38da650b --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java 
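Review bot: The constructor Javadoc of XPathTransformationImpl says "The namespace declarations are initialized empty.", but the constructor takes `namespaceDeclarations` as a parameter and stores whatever it is given, including null. Replace that sentence with one that matches the code, for example `* The namespace declarations are stored as passed; they are not copied.`, and say whether null is allowed.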
@@ -0,0 +1,168 @@ +package at.gv.egovernment.moa.spss.server.iaik.xml; + +import java.io.IOException; +import java.io.InputStream; +import java.util.Collections; + +import org.w3c.dom.Element; +import org.w3c.dom.NodeList; + +import iaik.ixsil.algorithms.CanonicalizationAlgorithm; +import iaik.ixsil.algorithms.CanonicalizationAlgorithmImplExclusiveCanonicalXML; +import iaik.ixsil.exceptions.AlgorithmException; +import iaik.server.modules.xml.XSLTTransformation; + +import at.gv.egovernment.moa.util.NodeListAdapter; +import at.gv.egovernment.moa.util.StreamUtils; +import at.gv.egovernment.moa.util.XPathException; +import at.gv.egovernment.moa.util.XPathUtils; + + +/** + * A <code>Transformation</code> containing an XSLT transformation. + * + * @author Patrick Peck + * @version $Id$ + */ +public class XSLTTransformationImpl + extends TransformationImpl + implements XSLTTransformation { + + /** The XSLT stylesheet. */ + private Element styleSheetElement; + /** The hash code of the canonicalized stylesheet. If calculated, this value + * should be != 0. */ + private int hashCode; + + /** + * Create a new <code>XSLTTransformationImpl</code> object. + * + * @param styleSheetElement The XSLT stylesheet element. + */ + public XSLTTransformationImpl(Element styleSheetElement) { + setAlgorithmURI(XSLTTransformation.XSLT); + setStyleSheetElement(styleSheetElement); + } + + /** + * Set the XSLT stylesheet element. + * + * @param styleSheetElement The XSLT stylesheet element to set. + */ + protected void setStyleSheetElement(Element styleSheetElement) { + this.styleSheetElement = styleSheetElement; + this.hashCode = 0; + } + + /** + * @see iaik.server.modules.xml.XSLTTransformation#getStylesheetElement() + */ + public Element getStylesheetElement() { + return styleSheetElement; + } + + /** + * Compare this <code>XSLTTransformation</code> to another. + * + * @param other The object to compare this + * <code>XSLTTransformation</code> to. 
+ * @return <code>true</code>, if <code>other</code> is an + * <code>XSLTTransformation</code> and if the canonicalized representations of + * the stylesheets contained in <code>this</code> and <code>other</code> + * match. Otherwise, <code>false</code> is returned. + * @see java.lang.Object#equals(Object) + */ + public boolean equals(Object other) { + if (other instanceof XSLTTransformation) { + XSLTTransformation xslt = (XSLTTransformation) other; + + return compareElements( + getStylesheetElement(), + xslt.getStylesheetElement()); + } + return false; + } + + /** + * @see java.lang.Object#hashCode() + */ + public int hashCode() { + if (hashCode == 0) { + hashCode = calculateHashCode(getStylesheetElement()); + } + return hashCode; + } + + /** + * Calculate the hash code for a DOM element by canonicalizing it. + * + * @param element The DOM element for which the hash code is to be calculated. + * @return int The hash code, or <code>0</code>, if it could not be + * calculated. + */ + private static int calculateHashCode(Element element) { + try { + InputStream is = canonicalize(element); + byte[] buf = new byte[256]; + int hashCode = 1; + int length; + int i; + + while ((length = is.read(buf)) > 0) { + for (i = 0; i < length; i++) { + hashCode += buf[i] * 31 + i; + } + } + is.close(); + return hashCode; + } catch (AlgorithmException e) { + return 0; + } catch (IOException e) { + return 0; + } + } + + /** + * Compare two DOM elements by canonicalizing their contents and comparing the + * resulting byte stream. + * + * @param elem1 The 1st element to compare. + * @param elem2 The 2nd element to compare. + * @return boolean <code>true</code>, if the elements are considered equal + * after canonicalization. Otherwise <code>false</code> is returned. 
+ */ + private static boolean compareElements(Element elem1, Element elem2) { + try { + InputStream is1 = canonicalize(elem1); + InputStream is2 = canonicalize(elem2); + return StreamUtils.compareStreams(is1, is2); + } catch (AlgorithmException e) { + return false; + } catch (IOException e) { + return false; + } + } + + /** + * Canonicalize a DOM element. + * + * @param element The element to canonicalize. + * @return InputStream A stream with the canonicalized data. + * @throws AlgorithmException An error occurred canonicalizing the element. + */ + private static InputStream canonicalize(Element element) + throws AlgorithmException { + CanonicalizationAlgorithm c14n = + new CanonicalizationAlgorithmImplExclusiveCanonicalXML(); + NodeList nodeList; + + try { + nodeList = XPathUtils.selectNodeList(element, XPathUtils.ALL_NODES_XPATH); + } catch (XPathException e) { + nodeList = new NodeListAdapter(Collections.EMPTY_LIST); + } + c14n.setInput(nodeList); + return c14n.canonicalize(); + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java new file mode 100644 index 000000000..a14b83b7d --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xmlsign/DataObjectTreatmentImpl.java 
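Review bot: `canonicalize` in XSLTTransformationImpl catches `XPathException` and substitutes an empty node list, so when node selection fails `compareElements` compares the canonical form of nothing rather than of the stylesheet. Two different stylesheets that both fail selection would then presumably canonicalize to the same output and be reported equal by `equals`, which is the unsafe direction for a comparison that decides whether a transform matches an expected one. Let the failure reach the callers and treat it as "not equal" in `compareElements` and as "no hash" in `calculateHashCode`, as sketched below (this assumes `XPathException` may be declared in the `throws` clause). `calculateHashCode` also closes the stream only on the success path, and its `+ i` term restarts at every `read`, so the value depends on how the stream chunks its data.

```java
  private static boolean compareElements(Element elem1, Element elem2) {
    try {
      // … unchanged: canonicalize both elements and compare the streams …
    } catch (XPathException e) {
      // node selection failed: the stylesheets cannot be shown to be equal
      return false;
    } catch (AlgorithmException e) {
      // … unchanged: remaining catch clauses …

  // calculateHashCode: add the same catch (XPathException e) clause, returning 0

  private static InputStream canonicalize(Element element)
    throws AlgorithmException, XPathException {
    CanonicalizationAlgorithm c14n =
      new CanonicalizationAlgorithmImplExclusiveCanonicalXML();
    // no fallback to an empty node list: a failed selection is reported
    c14n.setInput(
      XPathUtils.selectNodeList(element, XPathUtils.ALL_NODES_XPATH));
    return c14n.canonicalize();
  }
```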
@@ -0,0 +1,150 @@ +package at.gv.egovernment.moa.spss.server.iaik.xmlsign; + +import java.util.List; + +import iaik.server.modules.xmlsign.DataObjectTreatment; + +import at.gv.egovernment.moa.spss.server.util.IdGenerator; + +/** + * An object encapsulating how to treat an associated <code>DataObject</code> + * when creating a signature. + * + * @author Patrick Peck + * @version $Id$ + */ +public class DataObjectTreatmentImpl implements DataObjectTreatment { + /** The final content MIME type. */ + private String finalContentType; + /** The name of the hash algorithm. */ + private String hashAlgorithmName; + /** This transformations to apply to the associated data object. */ + private List transformationList; + /** Supplemental information for the transformations. */ + private List transformationSupplements; + /** Whether to include the associated data object in the signature. */ + private boolean includedInSignature; + /** Whether to include the associated data object in the manifest. */ + private boolean referenceInManifest; + /** The object ID generator. */ + private IdGenerator objIdGen; + + /** + * Create a new <code>DataObjectTreatmentImpl</code>. + * + * @param objIdGen The <code>IdGenerator</code> for unique object IDs. + */ + public DataObjectTreatmentImpl(IdGenerator objIdGen) { + this.objIdGen = objIdGen; + } + + /** + * @see iaik.server.modules.xmlsign.DataObjectTreatment#getFinalContentType() + */ + public String getFinalContentType() { + return finalContentType; + } + + /** + * Sets the final content type. + * + * @param finalContentType The final content type to set (a MIME-type type of + * <code>String</code>). + */ + public void setFinalContentType(String finalContentType) { + this.finalContentType = finalContentType; + } + + /** + * @see iaik.server.modules.xmlsign.DataObjectTreatment#getHashAlgorithmName() + */ + public String getHashAlgorithmName() { + return hashAlgorithmName; + } + + /** + * Sets the hash algorithm name. 
+ * + * @param hashAlgorithmName The hash algorithm name to set. + */ + public void setHashAlgorithmName(String hashAlgorithmName) { + this.hashAlgorithmName = hashAlgorithmName; + } + + /** + * @see iaik.server.modules.xmlsign.DataObjectTreatment#isIncludedInSignature() + */ + public boolean isIncludedInSignature() { + return includedInSignature; + } + + /** + * Sets whether the associated <code>DataObject</code> is to be included in + * the signature. + * + * @param includedInSignature If <code>true</code>, the associated + * <code>DataObject</code> will be included in the signature, otherwise not. + */ + public void setIncludedInSignature(boolean includedInSignature) { + this.includedInSignature = includedInSignature; + } + + /** + * @see iaik.server.modules.xmlsign.DataObjectTreatment#isReferenceInManifest() + */ + public boolean isReferenceInManifest() { + return referenceInManifest; + } + + /** + * Sets whether the associated <code>DataObject</code> is + * to be included in the <code>dsig:Manifest</code>. + * + * @param referenceInManifest If <code>true</code>, the associated + * <code>DataObject</code> will be included in the manifest, otherwise not. + */ + public void setReferenceInManifest(boolean referenceInManifest) { + this.referenceInManifest = referenceInManifest; + } + + /** + * @see iaik.server.modules.xmlsign.DataObjectTreatment#getTransformationList() + */ + public List getTransformationList() { + return transformationList; + } + + /** + * Set the list of transformations for the associated <code>DataObject</code>. + * + * @param transformationList The transformations to set. 
+ */ + public void setTransformationList(List transformationList) { + this.transformationList = transformationList; + } + + /** + * @see iaik.server.modules.xmlsign.DataObjectTreatment#getTransformationSupplements() + */ + public List getTransformationSupplements() { + return transformationSupplements; + } + + /** + * Sets the transformation supplements for the associated + * <code>DataObject</code>. + * + * @param transformationSupplements The transformation supplements to set. + */ + public void setTransformationSupplements(List transformationSupplements) { + this.transformationSupplements = transformationSupplements; + } + + /** + * @see iaik.server.modules.xmlsign.DataObjectTreatment#getDsigDataObjectID() + */ + public String getDsigDataObjectID() { + return objIdGen.uniqueId(); + } + +} diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java new file mode 100644 index 000000000..5ec0057fb --- /dev/null +++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java 
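Review bot: `getDsigDataObjectID()` in DataObjectTreatmentImpl is documented only by an `@see`, yet it calls `objIdGen.uniqueId()` on every invocation instead of returning a stored value. If `uniqueId()` produces a new ID per call, as its name suggests (IdGenerator is not visible here), two calls on the same object return different IDs, which a reader of a getter does not expect. State that in the Javadoc, e.g. `* Returns a newly generated ID on each call; callers must keep the value if they need it again.`, and document on the constructor that `objIdGen` must not be null, since a null generator only fails later in this method.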
@@ -0,0 +1,276 @@
+package at.gv.egovernment.moa.spss.server.iaik.xmlsign;
+
+import java.util.List;
+import java.util.Set;
+
+import iaik.server.modules.algorithms.SignatureAlgorithms;
+import iaik.server.modules.keys.AlgorithmUnavailableException;
+import iaik.server.modules.keys.KeyEntryID;
+import iaik.server.modules.keys.KeyModule;
+import iaik.server.modules.keys.KeyModuleFactory;
+import iaik.server.modules.keys.UnknownKeyException;
+import iaik.server.modules.xml.Canonicalization;
+import iaik.server.modules.xmlsign.XMLSignatureCreationProfile;
+import iaik.server.modules.xmlsign.XMLSignatureInsertionLocation;
+
+import at.gv.egovernment.moa.spss.server.logging.TransactionId;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.server.util.IdGenerator;
+
+/**
+ * An object providing auxiliary information for creating an XML signature.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XMLSignatureCreationProfileImpl
+ implements XMLSignatureCreationProfile {
+
+ /** The transformations to apply to a data object. */
+ private List dataObjectTreatmentList;
+ /** The set of keys available to the signing process. */
+ private Set keySet;
+ /** The type URI of the signature manifest. */
+ private String securityLayerManifestTypeURI;
+ /** Whether the created signature is to be Security Layer conform. */
+ private boolean securityLayerConform;
+ /** Where to insert the signature into the signature environment. */
+ private XMLSignatureInsertionLocation signatureInsertionLocation;
+ /** The signature structur type. */
+ private String signatureStructureType;
+ /** The type of <code>Canonicalization</code> to use for the signed info. */
+ private Canonicalization signedInfoCanonicalization;
+ /** Properties to be signed during signature creation.
*/
+ private List signedProperties;
+ /** The ID generator for signature IDs. */
+ private IdGenerator signatureIDGenerator;
+ /** The ID generator for manifst IDs. */
+ private IdGenerator manifestIDGenerator;
+ /** The ID generator for XMLDsig manifest IDs. */
+ private IdGenerator dsigManifestIDGenerator;
+ /** The ID generator for signed property IDs. */
+ private IdGenerator propertyIDGenerator;
+
+ /**
+ * Create a new <code>XMLSignatureCreationProfileImpl</code>.
+ *
+ * @param createProfileCount Provides external information about the
+ * number of calls to the signature creation module, using the same request.
+ * @param reservedIDs The set of IDs that must not be used while generating
+ * new IDs.
+ */
+ public XMLSignatureCreationProfileImpl(
+ int createProfileCount,
+ Set reservedIDs) {
+ signatureIDGenerator =
+ new IdGenerator("signature-" + createProfileCount, reservedIDs);
+ manifestIDGenerator =
+ new IdGenerator("manifest-" + createProfileCount, reservedIDs);
+ dsigManifestIDGenerator =
+ new IdGenerator("dsig-manifest-" + createProfileCount, reservedIDs);
+ propertyIDGenerator =
+ new IdGenerator("etsi-signed-" + createProfileCount, reservedIDs);
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getDataObjectTreatmentList()
+ */
+ public List getDataObjectTreatmentList() {
+ return dataObjectTreatmentList;
+ }
+
+ /**
+ * Sets the list of <code>DataObjectTreatment</code>s.
+ *
+ * @param dataObjectTreatmentList The <code>DataObjectTreatment</code>s to
+ * set.
+ */
+ public void setDataObjectTreatmentList(List dataObjectTreatmentList) {
+ this.dataObjectTreatmentList = dataObjectTreatmentList;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getKeySet()
+ */
+ public Set getKeySet() {
+ return keySet;
+ }
+
+ /**
+ * Set the set of <code>KeyEntryID</code>s which may be used for signature
+ * creation.
+ *
+ * @param keySet The set of <code>KeyEntryID</code>s to set.
+ */
+ public void setKeySet(Set keySet) {
+ this.keySet = keySet;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSecurityLayerManifestTypeURI()
+ */
+ public String getSecurityLayerManifestTypeURI() {
+ return securityLayerManifestTypeURI;
+ }
+
+ /**
+ * Set the SecurityLayerManifestTypeURI.
+ *
+ * @param securityLayerManifestTypeURI The SecurityLayerManifestTypeURI to
+ * set.
+ */
+ public void setSecurityLayerManifestTypeURI(String securityLayerManifestTypeURI) {
+ this.securityLayerManifestTypeURI = securityLayerManifestTypeURI;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureAlgorithmName(KeyEntryID)
+ */
+ public String getSignatureAlgorithmName(KeyEntryID selectedKeyID)
+ throws AlgorithmUnavailableException {
+
+ TransactionContext context =
+ TransactionContextManager.getInstance().getTransactionContext();
+ TransactionId tid = new TransactionId(context.getTransactionID());
+ KeyModule module = KeyModuleFactory.getInstance(tid);
+ Set algorithms;
+
+ try {
+ algorithms = module.getSupportedSignatureAlgorithms(selectedKeyID);
+ } catch (UnknownKeyException e) {
+ throw new AlgorithmUnavailableException(
+ "Unknown key entry: " + selectedKeyID,
+ e,
+ null);
+ }
+
+ if (algorithms.contains(SignatureAlgorithms.MD2_WITH_RSA)
+ || algorithms.contains(SignatureAlgorithms.MD5_WITH_RSA)
+ || algorithms.contains(SignatureAlgorithms.RIPEMD128_WITH_RSA)
+ || algorithms.contains(SignatureAlgorithms.RIPEMD160_WITH_RSA)
+ || algorithms.contains(SignatureAlgorithms.SHA1_WITH_RSA)
+ || algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) {
+
+ return SignatureAlgorithms.SHA1_WITH_RSA;
+ } else if (
+ algorithms.contains(SignatureAlgorithms.ECDSA_X962_C2TNB191V1)) {
+ return SignatureAlgorithms.ECDSA_X962_C2TNB191V1;
+ } else {
+ throw new AlgorithmUnavailableException(
+ "No algorithm for key entry: " + selectedKeyID,
+ null,
+ null);
+ }
+ }
+
+ /**
+ * @see
iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureInsertionLocation()
+ */
+ public XMLSignatureInsertionLocation getSignatureInsertionLocation() {
+ return signatureInsertionLocation;
+ }
+
+ /**
+ * Set the location where the signature is to be inserted into the signature
+ * parent.
+ *
+ * @param signatureInsertionLocation The location to set.
+ */
+ public void setSignatureInsertionLocation(XMLSignatureInsertionLocation signatureInsertionLocation) {
+ this.signatureInsertionLocation = signatureInsertionLocation;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureStructureType()
+ */
+ public String getSignatureStructureType() {
+ return signatureStructureType;
+ }
+
+ /**
+ * Set the signature structure type.
+ * @param signatureStructureType The signature structure type to set.
+ */
+ public void setSignatureStructureType(String signatureStructureType) {
+ this.signatureStructureType = signatureStructureType;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedInfoCanonicalization()
+ */
+ public Canonicalization getSignedInfoCanonicalization() {
+ return signedInfoCanonicalization;
+ }
+
+ /**
+ * Sets the canonicalization method to use for the SignedInfo object.
+ *
+ * @param signedInfoCanonicalization The canonicalization method to set.
+ */
+ public void setSignedInfoCanonicalization(Canonicalization signedInfoCanonicalization) {
+ this.signedInfoCanonicalization = signedInfoCanonicalization;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedProperties()
+ */
+ public List getSignedProperties() {
+ return signedProperties;
+ }
+
+ /**
+ * Set the signed properties.
+ *
+ * @param signedProperties The signed properties to set.
+ */
+ public void setSignedProperties(List signedProperties) {
+ this.signedProperties = signedProperties;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#isSecurityLayerConform()
+ */
+ public boolean isSecurityLayerConform() {
+ return securityLayerConform;
+ }
+
+ /**
+ * Sets the security layer conformity.
+ *
+ * @param securityLayerConform <code>true</code>, if the created signature
+ * is to be conform to the Security Layer specification.
+ */
+ public void setSecurityLayerConform(boolean securityLayerConform) {
+ this.securityLayerConform = securityLayerConform;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignatureID()
+ */
+ public String getSignatureID() {
+ return signatureIDGenerator.uniqueId();
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSecurityLayerManifestID()
+ */
+ public String getSecurityLayerManifestID() {
+ return manifestIDGenerator.uniqueId();
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getDsigManifestID()
+ */
+ public String getDsigManifestID() {
+ return dsigManifestIDGenerator.uniqueId();
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureCreationProfile#getSignedPropertiesID()
+ */
+ public String getSignedPropertiesID() {
+ return propertyIDGenerator.uniqueId();
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java
new file mode 100644
index 000000000..d55f61303
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureInsertionLocationImpl.java
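Review bot: In `getSignatureAlgorithmName` the RSA branch returns `SignatureAlgorithms.SHA1_WITH_RSA` as soon as the key reports any RSA variant, so SHA-1 is chosen even when `SHA256_WITH_RSA` is in the supported set, and the name returned can be one the key module did not list (for example a key that reports only SHA-256 or only MD5). SHA-1 no longer gives the collision resistance a signature digest needs, so the branch should prefer the strongest algorithm that is actually in `algorithms`: test `if (algorithms.contains(SignatureAlgorithms.SHA256_WITH_RSA)) { return SignatureAlgorithms.SHA256_WITH_RSA; }` first and return SHA-1 only when the set contains it. Whether the signing module accepts that name is not visible in this hunk and needs confirming. Separately, the `context` returned by `getTransactionContext()` is dereferenced without a null check, so a call made with no transaction bound would presumably fail with a NullPointerException rather than the declared `AlgorithmUnavailableException`.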
@@ -0,0 +1,45 @@
+package at.gv.egovernment.moa.spss.server.iaik.xmlsign;
+
+import iaik.server.modules.xmlsign.XMLSignatureInsertionLocation;
+
+/**
+ * An object giving the location of where the signature will be
+ * inserted into the parent element.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XMLSignatureInsertionLocationImpl
+ implements XMLSignatureInsertionLocation {
+
+ /** Where to put the signature into the signature parent element. */
+ private int signatureChildIndex;
+
+ /**
+ * Create a new <code>XMLSignatureInsertLocationImpl</code>.
+ *
+ * @param signatureChildIndex The position index at which to append the
+ * signature to the parent element.
+ */
+ public XMLSignatureInsertionLocationImpl(int signatureChildIndex) {
+ setSignatureChildIndex(signatureChildIndex);
+ }
+
+ /**
+ * @see iaik.server.modules.xmlsign.XMLSignatureInsertionLocation#getSignatureChildIndex()
+ */
+ public int getSignatureChildIndex() {
+ return signatureChildIndex;
+ }
+
+ /**
+ * Sets the position index at which to append the signature to the parent
+ * element.
+ *
+ * @param signatureChildIndex The position index to set.
+ */
+ public void setSignatureChildIndex(int signatureChildIndex) {
+ this.signatureChildIndex = signatureChildIndex;
+ }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java
new file mode 100644
index 000000000..216596dc3
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/xmlverify/XMLSignatureVerificationProfileImpl.java
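Review bot: The constructor of `XMLSignatureInsertionLocationImpl` calls the public, overridable `setSignatureChildIndex`, so an override in a subclass would run before that subclass is initialised; assign the field directly with `this.signatureChildIndex = signatureChildIndex;`. The constructor Javadoc also names the class `XMLSignatureInsertLocationImpl`, which does not match the declared `XMLSignatureInsertionLocationImpl`.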
@@ -0,0 +1,131 @@
+package at.gv.egovernment.moa.spss.server.iaik.xmlverify;
+
+import java.util.List;
+
+import iaik.pki.PKIProfile;
+import iaik.server.modules.xmlverify.XMLSignatureVerificationProfile;
+
+/**
+ * An object providing auxiliary information for verifying an XML signature.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class XMLSignatureVerificationProfileImpl
+ implements XMLSignatureVerificationProfile {
+
+ /** Whether to check the Security Layer manifest. */
+ private boolean checkSecurityLayerManifest;
+ /** Whether to check the XMLDsig manifest. */
+ private boolean checkXMLDsigManifests;
+ /** The profile for validating the signer certificate. */
+ private PKIProfile certificateValidationProfile;
+ /** Supplements for the transformations. */
+ private List transformationSupplements;
+ /** Whether to include hash input data in the response. */
+ private boolean includeHashInputData;
+ /** Whether to include reference input data in the response. */
+ private boolean includeReferenceInputData;
+
+ /**
+ * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#checkSecurityLayerManifest()
+ */
+ public boolean checkSecurityLayerManifest() {
+ return checkSecurityLayerManifest;
+ }
+
+ /**
+ * Set whether to check the references in the Security Layer manifest.
+ *
+ * @param checkSecurityLayerManifest <code>true</code>, if the references
+ * in the Security Layer manifest must be checked.
+ */
+ public void setCheckSecurityLayerManifest(boolean checkSecurityLayerManifest) {
+ this.checkSecurityLayerManifest = checkSecurityLayerManifest;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#checkXMLDsigManifests()
+ */
+ public boolean checkXMLDsigManifests() {
+ return checkXMLDsigManifests;
+ }
+
+ /**
+ * Sets whether to check the references of all XML Dsig manifests.
+ *
+ * @param checkXMLDSigManifests <code>true</code>, if the references in the
+ * XML Dsig manifest must be checked.
+ */
+ public void setCheckXMLDsigManifests(boolean checkXMLDSigManifests) {
+ this.checkXMLDsigManifests = checkXMLDSigManifests;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getCertificateValidationProfile()
+ */
+ public PKIProfile getCertificateValidationProfile() {
+ return certificateValidationProfile;
+ }
+
+ /**
+ * Sets the profile for validating the signer certificate.
+ *
+ * @param certificateValidationProfile The certificate validation profile to
+ * set.
+ */
+ public void setCertificateValidationProfile(PKIProfile certificateValidationProfile) {
+ this.certificateValidationProfile = certificateValidationProfile;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#getTransformationSupplements()
+ */
+ public List getTransformationSupplements() {
+ return transformationSupplements;
+ }
+
+ /**
+ * Sets the transformation supplements.
+ *
+ * @param transformationSupplements The transformation supplements to set.
+ */
+ public void setTransformationSupplements(List transformationSupplements) {
+ this.transformationSupplements = transformationSupplements;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#includeHashInputData()
+ */
+ public boolean includeHashInputData() {
+ return includeHashInputData;
+ }
+
+ /**
+ * Set whether to include the hash input data in the result.
+ *
+ * @param includeHashInputData If <code>true</code>, the hash input data
+ * will be returned in the result.
+ */
+ public void setIncludeHashInputData(boolean includeHashInputData) {
+ this.includeHashInputData = includeHashInputData;
+ }
+
+ /**
+ * @see iaik.server.modules.xmlverify.XMLSignatureVerificationProfile#includeReferenceInputData()
+ */
+ public boolean includeReferenceInputData() {
+ return includeReferenceInputData;
+ }
+
+ /**
+ * Set whether to include the reference input data in the result.
+ *
+ * @param includeReferenceInputData If <code>true</code>, the reference
+ * input data will be included in the result.
+ */
+ public void setIncludeReferenceInputData(boolean includeReferenceInputData) {
+ this.includeReferenceInputData = includeReferenceInputData;
+ }
+
+} |
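Review bot: Every field of `XMLSignatureVerificationProfileImpl` starts at its Java default, so a profile whose setters were not all called reports `checkSecurityLayerManifest()` and `checkXMLDsigManifests()` as false and returns null from `getCertificateValidationProfile()`. For a verification profile that is a fail-open default: the manifest checks are skipped without any signal, and how the IAIK module treats a null `PKIProfile` is not visible in this hunk. I would reject null in `setCertificateValidationProfile` with `if (certificateValidationProfile == null) throw new IllegalArgumentException("certificateValidationProfile");`. The class Javadoc should also state that both manifest checks are off unless the caller enables them, for example `Manifest checks default to false; callers must enable them explicitly.`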