Lösung für Bug 232 implementiert. Noch nicht final getestet.

git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@406 d688527b-c9ab-4aba-bd8d-4036d912da1d

9 files changed, 629 insertions, 56 deletions

diff --git a/spss.server/res/resources/wsdl/MOA-SPSS-1.2.xsd b/spss.server/res/resources/wsdl/MOA-SPSS-1.2.xsd
index 8bd5f4af8..80842b36c 100644
--- a/spss.server/res/resources/wsdl/MOA-SPSS-1.2.xsd
+++ b/spss.server/res/resources/wsdl/MOA-SPSS-1.2.xsd
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>

 <!--

-  MOA SP/SS 1.2 Schema

+  MOA SP/SS 1.3 Schema

 -->

-<xsd:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2">

+<xsd:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#">

   <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>

   <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>

   <!--########## Create XML Signature ###-->

@@ -155,8 +155,8 @@
           <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any</xsd:documentation>

         </xsd:annotation>

       </xsd:element>

-      <xsd:element name="HashInputData" type="ContentExLocRefBaseType" minOccurs="0" maxOccurs="unbounded"/>

-      <xsd:element name="ReferenceInputData" type="ContentExLocRefBaseType" minOccurs="0" maxOccurs="unbounded"/>

+      <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>

+      <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>

       <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>

       <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>

       <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>

@@ -166,6 +166,22 @@
   <xsd:simpleType name="ProfileIdentifierType">

     <xsd:restriction base="xsd:token"/>

   </xsd:simpleType>

+  <xsd:complexType name="InputDataType">

+    <xsd:complexContent>

+      <xsd:extension base="ContentExLocRefBaseType">

+        <xsd:attribute name="PartOf" use="optional" default="SignedInfo">

+          <xsd:simpleType>

+            <xsd:restriction base="xsd:token">

+              <xsd:enumeration value="SignedInfo"/>

+              <xsd:enumeration value="XMLDSIGManifest"/>

+              <xsd:enumeration value="SignatureManifest"/>

+            </xsd:restriction>

+          </xsd:simpleType>

+        </xsd:attribute>

+        <xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/>

+      </xsd:extension>

+    </xsd:complexContent>

+  </xsd:complexType>

   <xsd:complexType name="MetaInfoType">

     <xsd:sequence>

       <xsd:element name="MimeType" type="MimeTypeType"/>

diff --git a/spss.server/src/at/gv/egovernment/moa/spss/MOARuntimeException.java b/spss.server/src/at/gv/egovernment/moa/spss/MOARuntimeException.java
new file mode 100644
index 000000000..0ff175b50
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/MOARuntimeException.java
@@ -0,0 +1,163 @@
+package at.gv.egovernment.moa.spss;
+import java.io.PrintStream;
+import java.io.PrintWriter;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.w3c.dom.DOMImplementation;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moa.util.Constants;
+
+/**
+ * Base class of MOA specific runtime exceptions.
+ * 
+ * This class has the ability to wrap other exceptions which may be seen
+ * as the root cause for this exception. A similar mechanism is in place
+ * since JDK1.4 (see the <code>getClause()</code> method) but will not be used
+ * because of required compatibility with JDK1.3.
+ * 
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class MOARuntimeException extends RuntimeException {
+  /** The message ID. */
+  private String messageId;
+  /** The wrapped <code>Throwable</code>. */
+  private Throwable wrapped;
+
+  /**
+   * Create a <code>MOAException</code>.
+   * 
+   * @param messageId The message ID of the message contained in the created
+   * <code>MOAException</code>.
+   * @param parameters The parameters needed to fill in the message arguments.
+   */
+  public MOARuntimeException(String messageId, Object[] parameters) {
+    super(MessageProvider.getInstance().getMessage(messageId, parameters));
+    this.messageId = messageId;
+  }
+
+  /**
+   * Create a <code>MOAException</code>.
+   * 
+   * @param messageId The message ID of the message contained in the created
+   * <code>MOAException</code>.
+   * @param parameters The parameters needed to fill in the message arguments.
+   * @param wrapped The exception wrapped by the created
+   * <code>MOAException</code>.
+   */
+  public MOARuntimeException(
+    String messageId,
+    Object[] parameters,
+    Throwable wrapped) {
+
+    super(MessageProvider.getInstance().getMessage(messageId, parameters));
+    this.messageId = messageId;
+    this.wrapped = wrapped;
+  }
+
+  /**
+   * Returns the message ID of this exception.
+   * 
+   * @return The message ID as provided in the constructor.
+   */
+  public String getMessageId() {
+    return messageId;
+  }
+
+  /**
+   * Returns the exception wrapped by this <code>MOARuntimeException</code>.
+   * 
+   * @return The exception wrapped by this exception. Possibly
+   * <code>null</code>, if none was provided at construction time.
+   */
+  public Throwable getWrapped() {
+    return wrapped;
+  }
+
+  /**
+   * Convert this <code>MOARuntimeException</code> to an <code>ErrorResponse</code>
+   * element from the MOA namespace.
+   * 
+   * @return An <code>ErrorResponse</code> element, containing the subelements
+   * <code>ErrorCode</code> and <code>Info</code> required by the MOA schema.
+   */
+  public Element toErrorResponse() {
+    DocumentBuilder builder;
+    DOMImplementation impl;
+    Document doc;
+    Element errorResponse;
+    Element errorCode;
+    Element info;
+
+    // create a new document
+    try {
+      builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
+      impl = builder.getDOMImplementation();
+    } catch (ParserConfigurationException e) {
+      return null;
+    }
+
+    // build the ErrorResponse element
+    doc = impl.createDocument(Constants.MOA_NS_URI, "ErrorResponse", null);
+    errorResponse = doc.getDocumentElement();
+
+    // add MOA namespace declaration
+    errorResponse.setAttributeNS(
+      Constants.XMLNS_NS_URI,
+      "xmlns",
+      Constants.MOA_NS_URI);
+
+    // build the child elements    
+    errorCode = doc.createElementNS(Constants.MOA_NS_URI, "ErrorCode");
+    errorCode.appendChild(doc.createTextNode(messageId));
+    info = doc.createElementNS(Constants.MOA_NS_URI, "Info");
+    info.appendChild(doc.createTextNode(getMessage()));
+    errorResponse.appendChild(errorCode);
+    errorResponse.appendChild(info);
+    return errorResponse;
+  }
+  
+  /**
+   * Print a stack trace of this exception to <code>System.err</code>.
+   * 
+   * @see java.lang.Throwable#printStackTrace()
+   */
+  public void printStackTrace() {
+    printStackTrace(System.err);
+  }
+
+  /**
+   * Print a stack trace of this exception, including the wrapped exception.
+   * 
+   * @param s The stream to write the stack trace to.
+   * @see java.lang.Throwable#printStackTrace(java.io.PrintStream)
+   */
+  public void printStackTrace(PrintStream s) {
+    super.printStackTrace(s);
+    if (getWrapped() != null) {
+      s.print("Caused by: ");
+      getWrapped().printStackTrace(s);
+    }
+  }
+
+  /**
+   * Print a stack trace of this exception, including the wrapped exception.
+   * 
+   * @param s The stream to write the stacktrace to.
+   * @see java.lang.Throwable#printStackTrace(java.io.PrintWriter)
+   */
+  public void printStackTrace(PrintWriter s) {
+    super.printStackTrace(s);
+    if (getWrapped() != null) {
+      s.print("Caused by: ");
+      getWrapped().printStackTrace(s);
+    }
+  }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/api/common/InputData.java b/spss.server/src/at/gv/egovernment/moa/spss/api/common/InputData.java
new file mode 100644
index 000000000..1ecce90e7
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/api/common/InputData.java
@@ -0,0 +1,52 @@
+package at.gv.egovernment.moa.spss.api.common;
+
+/**
+ * Interface specifying accessors for two attributes needed for returning 
+ * <code>HashInputData</code> and <code>ReferenceInputData</code> information
+ * as part of <code>VerifyXMLSignatureResponse</code>.
+ * 
+ * @author Gregor Karlinger
+ * 
+ * @version $Id$
+ */
+public interface InputData extends Content
+{
+  /**
+   * Possible value returned by {@link getPartOf}. 
+   */
+  public static String CONTAINER_SIGNEDINFO_ = "SignedInfo";
+
+  /**
+   * Possible value returned by {@link getPartOf}. 
+   */
+  public static String CONTAINER_XMLDSIGMANIFEST_ = "XMLDSIGManifest";
+  
+  /**
+   * Possible value returned by {@link getPartOf}. 
+   */
+  public static String CONTAINER_SIGNATUREMANIFEST_ = "SignatureManifest";
+  
+  /**
+   * Value returned by {link getReferringReferenceNumber}, signalling that the
+   * attribute is not used.
+   */
+  public static int REFERER_NONE_ = -1;
+  
+  /**
+   * Returns a <code>String</code> signalling what kind of container the 
+   * XMLDSIG <code>Reference</code> this <code>InputData</code> belongs 
+   * to is part of.
+   * 
+   * @return the kind of container. 
+   */
+  public String getPartOf();
+  
+  /**
+   * If this <code>InputData</code> belongs to an XMLDSIG <code>Reference</code>
+   * being part of either a XMLDSIGManifest or a SignatureManifest, this method
+   * returns a positive int value signalling the particular <code>Reference</code>
+   * of the XMLDSIG <code>SignedInfo</code> referring to the XMLDSIGManifest or
+   * SignatureManifest respectively.
+   */
+  public int getReferringReferenceNumber();
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java
new file mode 100644
index 000000000..42d61559e
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataBinaryImpl.java
@@ -0,0 +1,99 @@
+package at.gv.egovernment.moa.spss.api.impl;
+
+import java.io.InputStream;
+
+import at.gv.egovernment.moa.spss.MOARuntimeException;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.ContentBinary;
+import at.gv.egovernment.moa.spss.api.common.InputData;
+
+/**
+ * Content wrapper decorating a binary content with two additional attributes 
+ * needed for returning <code>HashInputData</code> and <code>ReferenceInputData
+ * </code> information as part of <code>VerifyXMLSignatureResponse</code>.
+ * 
+ * @author Gregor Karlinger
+ * 
+ * @version $Id$
+ */
+public class InputDataBinaryImpl implements ContentBinary, InputData
+{
+  /**
+   * The wrapped <code>Content</code>.
+   */
+  protected ContentBinary wrapped_;
+  
+  /**
+   * This attribute signals what kind of container the XMLDSIG <code>Reference</code>
+   * this <code>InputData</code> belongs to is part of. 
+   */
+  protected String partOf_;
+  
+  /**
+   * If this <code>InputData</code> belongs to an XMLDSIG <code>Reference</code>
+   * being part of either a XMLDSIGManifest or a SignatureManifest, this attribute
+   * (a positive int) signals the particular <code>Reference</code> of the XMLDSIG 
+   * <code>SignedInfo</code> referring to the XMLDSIGManifest or SignatureManifest
+   * respectively.
+   */
+  protected int referringReferenceNumber_;
+  
+  /**
+   * Creates a new instance.
+   * 
+   * @param wrapped The wrapped <code>Content</code>. Must be of type {@link Content#BINARY_CONTENT}.
+   * 
+   * @param partOf see {@link InputData}
+   * 
+   * @param referringReferenceNumber see {@link InputData}
+   */
+  public InputDataBinaryImpl(Content wrapped, String partOf, int referringReferenceNumber) throws MOARuntimeException
+  {
+    if (wrapped.getContentType() != Content.BINARY_CONTENT) throw new MOARuntimeException("9901", null);
+    
+    wrapped_ = (ContentBinary) wrapped;
+    partOf_ =  partOf;
+    referringReferenceNumber_ = referringReferenceNumber;
+  }
+  
+  /** 
+   * @see at.gv.egovernment.moa.spss.api.common.Content#getContentType()
+   */
+  public int getContentType()
+  {
+    return wrapped_.getContentType();
+  }
+
+  /**
+   * @see at.gv.egovernment.moa.spss.api.common.Content#getReference()
+   */
+  public String getReference()
+  {
+    return wrapped_.getReference();
+  }
+
+  /**
+   * @see at.gv.egovernment.moa.spss.api.common.ContentBinary#getBinaryContent()
+   */
+  public InputStream getBinaryContent()
+  {
+    return wrapped_.getBinaryContent();
+  }
+
+  /**
+   * @see at.gv.egovernment.moa.spss.api.common.InputData#getPartOf()
+   */
+  public String getPartOf()
+  {
+    return partOf_;
+  }
+
+  /**
+   * @see at.gv.egovernment.moa.spss.api.common.InputData#getReferringReferenceNumber()
+   */
+  public int getReferringReferenceNumber()
+  {
+    return referringReferenceNumber_;
+  }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java
new file mode 100644
index 000000000..029a402f5
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/InputDataXMLImpl.java
@@ -0,0 +1,99 @@
+package at.gv.egovernment.moa.spss.api.impl;
+
+import org.w3c.dom.NodeList;
+
+import at.gv.egovernment.moa.spss.MOARuntimeException;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.ContentXML;
+import at.gv.egovernment.moa.spss.api.common.InputData;
+
+/**
+ * Content wrapper decorating an XML content with two additional attributes 
+ * needed for returning <code>HashInputData</code> and <code>ReferenceInputData
+ * </code> information as part of <code>VerifyXMLSignatureResponse</code>.
+ * 
+ * @author Gregor Karlinger
+ * 
+ * @version $Id$
+ */
+public class InputDataXMLImpl implements ContentXML, InputData
+{
+  /**
+   * The wrapped <code>ContentXML</code>.
+   */
+  protected ContentXML wrapped_;
+  
+  /**
+   * This attribute signals what kind of container the XMLDSIG <code>Reference</code>
+   * this <code>InputData</code> belongs to is part of. 
+   */
+  protected String partOf_;
+  
+  /**
+   * If this <code>InputData</code> belongs to an XMLDSIG <code>Reference</code>
+   * being part of either a XMLDSIGManifest or a SignatureManifest, this attribute
+   * (a positive int) signals the particular <code>Reference</code> of the XMLDSIG 
+   * <code>SignedInfo</code> referring to the XMLDSIGManifest or SignatureManifest
+   * respectively.
+   */
+  protected int referringReferenceNumber_;
+  
+  /**
+   * Creates a new instance.
+   * 
+   * @param wrapped The wrapped <code>ContentBinary</code>. Must be of type {@link Content#XML_CONTENT}.
+   * 
+   * @param partOf see {@link InputData}
+   * 
+   * @param referringReferenceNumber see {@link InputData}
+   */
+  public InputDataXMLImpl(Content wrapped, String partOf, int referringReferenceNumber)
+  {
+    if (wrapped.getContentType() != Content.XML_CONTENT) throw new MOARuntimeException("9901", null);
+
+    wrapped_ = (ContentXML) wrapped;
+    partOf_ =  partOf;
+    referringReferenceNumber_ = referringReferenceNumber;
+  }
+  
+  /** 
+   * @see at.gv.egovernment.moa.spss.api.common.Content#getContentType()
+   */
+  public int getContentType()
+  {
+    return wrapped_.getContentType();
+  }
+
+  /**
+   * @see at.gv.egovernment.moa.spss.api.common.Content#getReference()
+   */
+  public String getReference()
+  {
+    return wrapped_.getReference();
+  }
+
+  /**
+   * @see at.gv.egovernment.moa.spss.api.common.ContentXML#getXMLContent()
+   */
+  public NodeList getXMLContent()
+  {
+    return wrapped_.getXMLContent();
+  }
+
+  /**
+   * @see at.gv.egovernment.moa.spss.api.common.InputData#getPartOf()
+   */
+  public String getPartOf()
+  {
+    return partOf_;
+  }
+
+  /**
+   * @see at.gv.egovernment.moa.spss.api.common.InputData#getReferringReferenceNumber()
+   */
+  public int getReferringReferenceNumber()
+  {
+    return referringReferenceNumber_;
+  }
+
+}
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java
index f163013c1..989dbfb4a 100644
--- a/spss.server/src/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java
+++ b/spss.server/src/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureResponseImpl.java
@@ -18,10 +18,17 @@ public class VerifyXMLSignatureResponseImpl
 
   /** Information about the signer certificate. */
   private SignerInfo signerInfo;
-  /** The hash input data objects. */
+  
+  /** 
+   * The hash input data objects. The list consists of {@link at.gv.egovernment.moa.spss.api.common.InputData}s.
+   * */
   private List hashInputDatas = new ArrayList();
-  /** The reference input data objects. */
+  
+  /** 
+   * The reference input data objects. The list consists of {@link at.gv.egovernment.moa.spss.api.common.InputData}s. 
+   * */
   private List referenceInputDatas = new ArrayList();
+  
   /** Information about the signature check. */
   private ReferencesCheckResult signatureCheck;
   /** Information about the signature manifest check. */
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java b/spss.server/src/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java
index 56bcf63fa..960d9571d 100644
--- a/spss.server/src/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java
+++ b/spss.server/src/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java
@@ -17,6 +17,7 @@ import at.gv.egovernment.moa.spss.MOASystemException;
 import at.gv.egovernment.moa.spss.api.common.Content;
 import at.gv.egovernment.moa.spss.api.common.ContentBinary;
 import at.gv.egovernment.moa.spss.api.common.ContentXML;
+import at.gv.egovernment.moa.spss.api.common.InputData;
 import at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResult;
 import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
@@ -78,8 +79,8 @@ public class VerifyXMLSignatureResponseBuilder {
     responseData = response.getHashInputDatas();
     if (responseData != null && !responseData.isEmpty()) {
       for (iter = responseData.iterator(); iter.hasNext();) {
-        Content content = (Content) iter.next();
-        addContent("HashInputData", content);
+        InputData inputData = (InputData) iter.next();
+        addContent("HashInputData", inputData);
       }
     }
 
@@ -87,8 +88,8 @@ public class VerifyXMLSignatureResponseBuilder {
     responseData = response.getReferenceInputDatas();
     if (responseData != null && !responseData.isEmpty()) {
       for (iter = responseData.iterator(); iter.hasNext();) {
-        Content content = (Content) iter.next();
-        addContent("ReferenceInputData", content);
+        InputData inputData = (InputData) iter.next();
+        addContent("ReferenceInputData", inputData);
       }
     }
 
@@ -127,23 +128,32 @@ public class VerifyXMLSignatureResponseBuilder {
    * Add an element of type <code>ContentBaseType</code> to the response.
    * 
    * @param elementName The name of the element.
-   * @param content The <code>Content</code> to add. Based on the type of
-   * the <code>Content</code>, either a <code>Base64Content</code> element
-   * or a <code>XMLContent</code> subelement will be added. A
-   * <code>ContentBinary</code> of type <code>BinaryDataObject</code> will be 
-   * added as a <code>Base64Content</code> child element. 
-   * <code>ContentXML</code> will be added as <code>XMLContent</code> child 
-   * element.
+   * 
+   * @param inputData The <code>InputData</code> to add. Based on the type of
+   * 
+   * the <code>InputData</code>, either a <code>Base64Content</code> element
+   * or a <code>XMLContent</code> subelement will be added. An <code>
+   * InputDataBinaryImpl</code> will be added as a <code>Base64Content</code>
+   * child element. An<code>InputDataXMLImpl</code> will be added as <code>
+   * XMLContent</code> child element.
+   * 
    * @throws MOAApplicationException An error occurred adding the content.
    */
-  private void addContent(String elementName, Content content)
+  private void addContent(String elementName, InputData inputData)
     throws MOAApplicationException {
 
     Element contentElem = responseDoc.createElementNS(MOA_NS_URI, elementName);
 
-    switch (content.getContentType()) {
+    contentElem.setAttributeNS(null, "PartOf", inputData.getPartOf());
+    if (inputData.getReferringReferenceNumber() != InputData.REFERER_NONE_)
+      contentElem.setAttributeNS(
+        null, 
+        "ReferringSigReference", 
+        Integer.toString(inputData.getReferringReferenceNumber()));
+    
+    switch (inputData.getContentType()) {
       case Content.XML_CONTENT :
-        ContentXML contentXml = (ContentXML) content;
+        ContentXML contentXml = (ContentXML) inputData;
         NodeList nodes = contentXml.getXMLContent();
         Element xmlElem;
         int i;
@@ -161,7 +171,7 @@ public class VerifyXMLSignatureResponseBuilder {
       case Content.BINARY_CONTENT :
         Element binaryElem =
           responseDoc.createElementNS(MOA_NS_URI, "Base64Content");
-        ContentBinary contentBinary = (ContentBinary) content;
+        ContentBinary contentBinary = (ContentBinary) inputData;
         String base64Str;
 
         try {
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java b/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java
index af5787795..076e9d1a5 100644
--- a/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java
@@ -1,13 +1,5 @@
 package at.gv.egovernment.moa.spss.server.invoke;
 
-import java.io.InputStream;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-
-import org.w3c.dom.DocumentFragment;
-import org.w3c.dom.NodeList;
-
 import iaik.ixsil.algorithms.CanonicalizationAlgorithm;
 import iaik.ixsil.algorithms.CanonicalizationAlgorithmImplExclusiveCanonicalXMLWithComments;
 import iaik.server.modules.xml.BinaryDataObject;
@@ -24,19 +16,29 @@ import iaik.server.modules.xmlverify.XMLSignatureVerificationProfile;
 import iaik.server.modules.xmlverify.XMLSignatureVerificationResult;
 import iaik.x509.X509Certificate;
 
-import at.gv.egovernment.moa.util.CollectionUtils;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.NodeListAdapter;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import org.w3c.dom.DocumentFragment;
+import org.w3c.dom.NodeList;
 
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.api.SPSSFactory;
 import at.gv.egovernment.moa.spss.api.common.CheckResult;
 import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.InputData;
 import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+import at.gv.egovernment.moa.spss.api.impl.InputDataBinaryImpl;
+import at.gv.egovernment.moa.spss.api.impl.InputDataXMLImpl;
 import at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResultInfo;
 import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult;
 import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResultInfo;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moa.util.CollectionUtils;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.NodeListAdapter;
 
 /**
  * A class to build a <code>VerifyXMLSignatureResponse</code> object.
@@ -123,23 +125,76 @@ public class VerifyXMLSignatureResponseBuilder {
         certResult.isPublicAuthorityCertificate(),
         certResult.getPublicAuthorityID());
 
-    // add HashInputData Content objects
+    // Create HashInputData Content objects
     referenceDataList = result.getReferenceDataList();
     if (profile.includeHashInputData()) {
       hashInputDatas = new ArrayList();
-      for (iter = referenceDataList.iterator(); iter.hasNext();) {
-        referenceData = (ReferenceData) iter.next();
-        hashInputDatas.add(buildContent(referenceData.getHashInputData()));
+      
+      // Include SignedInfo references
+      addHashInputDatas(
+        hashInputDatas, 
+        referenceDataList, 
+        InputData.CONTAINER_SIGNEDINFO_, 
+        InputData.REFERER_NONE_);
+      
+      // Include SignatureManifest references
+      if (result.containsSecurityLayerManifest())
+      {
+        List sigMFReferenceDataList = result.getSecurityLayerManifest().getReferenceDataList();
+        addHashInputDatas(
+          hashInputDatas, 
+          sigMFReferenceDataList, 
+          InputData.CONTAINER_SIGNATUREMANIFEST_,
+          result.getSecurityLayerManifest().getReferringReferenceInfo().getReferenceIndex());
+      }
+      
+      // Include XMLDSIGManifest references
+      List xMLDSIGManifests = result.getDsigManifestList();
+      for (iter = xMLDSIGManifests.iterator(); iter.hasNext();)
+      {
+        DsigManifest currentMF = (DsigManifest) iter.next();
+        List xMLDSIGMFReferenceDataList = currentMF.getReferenceDataList();
+        addHashInputDatas(
+          hashInputDatas, 
+          xMLDSIGMFReferenceDataList, 
+          InputData.CONTAINER_XMLDSIGMANIFEST_, 
+          currentMF.getReferringReferenceInfo().getReferenceIndex());
       }
     }
 
-    // create the ReferenceInputData Content objects
+    // Create the ReferenceInputData Content objects
     if (profile.includeReferenceInputData()) {
       referenceInputDatas = new ArrayList();
-      for (iter = referenceDataList.iterator(); iter.hasNext();) {
-        referenceData = (ReferenceData) iter.next();
-        referenceInputDatas.add(
-          buildContent(referenceData.getReferenceInputData()));
+      
+      // Include SignedInfo references
+      addReferenceInputDatas(
+        referenceInputDatas, 
+        referenceDataList, 
+        InputData.CONTAINER_SIGNEDINFO_, 
+        InputData.REFERER_NONE_);
+
+      // Include SignatureManifest references
+      if (result.containsSecurityLayerManifest())
+      {
+        List sigMFReferenceDataList = result.getSecurityLayerManifest().getReferenceDataList();
+        addReferenceInputDatas(
+          referenceInputDatas, 
+          sigMFReferenceDataList, 
+          InputData.CONTAINER_SIGNATUREMANIFEST_,
+          result.getSecurityLayerManifest().getReferringReferenceInfo().getReferenceIndex());
+      }
+
+      // Include XMLDSIGManifest references
+      List xMLDSIGManifests = result.getDsigManifestList();
+      for (iter = xMLDSIGManifests.iterator(); iter.hasNext();)
+      {
+        DsigManifest currentMF = (DsigManifest) iter.next();
+        List xMLDSIGMFReferenceDataList = currentMF.getReferenceDataList();
+        addReferenceInputDatas(
+          referenceInputDatas, 
+          xMLDSIGMFReferenceDataList, 
+          InputData.CONTAINER_XMLDSIGMANIFEST_, 
+          currentMF.getReferringReferenceInfo().getReferenceIndex());
       }
     }
 
@@ -183,7 +238,7 @@ public class VerifyXMLSignatureResponseBuilder {
           else
           {
             // security layer manifest exists, but has errors
-            failedReferences = buildFailedReferences(slManifest.getReferenceInfoList());
+            failedReferences = buildFailedReferences(slManifest.getReferenceDataList());
             checkResultInfo = (failedReferences != null)
               ? factory.createReferencesCheckResultInfo(null, failedReferences)
               : null;
@@ -221,7 +276,7 @@ public class VerifyXMLSignatureResponseBuilder {
         ManifestRefsCheckResultInfo manifestCheckResultInfo;
 
         failedReferences =
-          buildFailedReferences(dsigManifest.getReferenceInfoList());
+          buildFailedReferences(dsigManifest.getReferenceDataList());
         manifestCheckResultInfo =
           factory.createManifestRefsCheckResultInfo(
             null,
@@ -239,27 +294,93 @@ public class VerifyXMLSignatureResponseBuilder {
   }
 
   /**
-   * Build a <code>Content</code> object from the given <code>DataObject</code>.
+   * Adds {@link InputData} entries to the specified <code>inputDatas</code> list. The content of the entry will
+   * be created from {@link ReferenceData#getHashInputData()}.
+   * 
+   * @param inputDatas The list to be amended.
+   * 
+   * @param referenceDataList The list of {@link ReferenceData} objects to be investigated.
+   * 
+   * @param containerType The type of container of the {@link InputData} objects to be created.
+   * 
+   * @param refererNumber The number of the referring reference for the {@link InputData} objects to be created.
+   * 
+   * @throws MOAApplicationException if creating an {@link InputData} fails. 
+   */
+  private void addHashInputDatas(List inputDatas, List referenceDataList, String containerType, int refererNumber)
+  throws MOAApplicationException
+  {
+    for (Iterator iter = referenceDataList.iterator(); iter.hasNext();)
+    {
+      ReferenceData referenceData = (ReferenceData) iter.next();
+      inputDatas.add(buildInputData(
+        referenceData.getHashInputData(),
+        containerType,
+        refererNumber));
+    }
+  }
+  
+  /**
+   * Adds {@link InputData} entries to the specified <code>inputDatas</code> list. The content of the entry will
+   * be created from {@link ReferenceData#getReferenceInputData()}.
+   * 
+   * @param inputDatas The list to be amended.
+   * 
+   * @param referenceDataList The list of {@link ReferenceData} objects to be investigated.
+   * 
+   * @param containerType The type of container of the {@link InputData} objects to be created.
+   * 
+   * @param refererNumber The number of the referring reference for the {@link InputData} objects to be created.
+   * 
+   * @throws MOAApplicationException if creating an {@link InputData} fails. 
+   */
+  private void addReferenceInputDatas(List inputDatas, List referenceDataList, String containerType, int refererNumber)
+    throws MOAApplicationException
+  {
+    for (Iterator iter = referenceDataList.iterator(); iter.hasNext();)
+    {
+      ReferenceData referenceData = (ReferenceData) iter.next();
+      inputDatas.add(buildInputData(
+        referenceData.getReferenceInputData(),
+        containerType,
+        refererNumber));
+    }
+  }
+
+  /**
+   * Build a <code>InputDataBinaryImpl</code> or an <code>InputDataXMLImpl</code>
+   * object from the given <code>DataObject</code> and the given attributes.
+   * 
+   * @param dataObject The <code>DataObject</code> from which to build the result.
+   * Based on the type of this parameter, the type of the result will either be
+   * <code>InputDataBinaryImpl</code> or <code>InputDataXMLImpl</code>. 
+   * 
+   * @param partof see {@link InputData}
+   * 
+   * @param referringReferenceNumber see {@link InputData}
    * 
-   * @param dataObject The <code>DataObject</code> from which to build the
-   * <code>Content</code>. Based on the type of this parameter, the type of
-   * <code>Content</code> will either be <code>XML_CONTENT</code> or
-   * <code>BINARY_CONTENT</code>. 
-   * @return The <code>Content</code> object containing the data. 
-   * @throws MOAApplicationException An error occurred adding the content.
+   * @return The corresponinding input data implementation.
+   *  
+   * @throws MOAApplicationException An error occurred creating the result.
    */
-  private Content buildContent(DataObject dataObject)
+  private Content buildInputData(DataObject dataObject, String partOf, int referringReferenceNumber)
     throws MOAApplicationException {
 
     if (dataObject instanceof BinaryDataObject) {
       BinaryDataObject binaryData = (BinaryDataObject) dataObject;
-      return factory.createContent(binaryData.getInputStream(), null);
+      return new InputDataBinaryImpl(
+        factory.createContent(binaryData.getInputStream(), null),
+        partOf,
+        referringReferenceNumber);
     } else if (dataObject instanceof XMLDataObject) {
       XMLDataObject xmlData = (XMLDataObject) dataObject;
       List nodes = new ArrayList();
 
       nodes.add(xmlData.getElement());
-      return factory.createContent(new NodeListAdapter(nodes), null);
+      return new InputDataXMLImpl(
+        factory.createContent(new NodeListAdapter(nodes), null),
+        partOf,
+        referringReferenceNumber);
     } else { // dataObject instanceof XMLNodeListDataObject
       // if the data in the NodeList can be converted back to valid XML,
       // write it as XMLContent; otherwise, write it as Base64Content 
@@ -271,7 +392,10 @@ public class VerifyXMLSignatureResponseBuilder {
         try {
           DocumentFragment fragment = DOMUtils.nodeList2DocumentFragment(nodes);
 
-          return factory.createContent(fragment.getChildNodes(), null);
+          return new InputDataXMLImpl(
+            factory.createContent(fragment.getChildNodes(), null),
+            partOf, 
+            referringReferenceNumber);
         } catch (Exception e) {
           // not successful -> fall through to the Base64Content
         }
@@ -285,7 +409,10 @@ public class VerifyXMLSignatureResponseBuilder {
 
         c14n.setInput(nodes);
         is = c14n.canonicalize();
-        return factory.createContent(is, null);
+        return new InputDataBinaryImpl(
+          factory.createContent(is, null),
+          partOf,
+          referringReferenceNumber);
       } catch (Exception e) {
         throw new MOAApplicationException("2200", null);
       }
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
index 1f9d45ed1..e675a40d6 100644
--- a/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
@@ -501,7 +501,7 @@ public class XMLSignatureVerificationInvoker {
       Set transformParameterURIs =
         buildTransformParameterURIs(profile.getTransformationSupplements());
       List referenceInfoList =
-        result.getSecurityLayerManifest().getReferenceInfoList();
+        result.getSecurityLayerManifest().getReferenceDataList();
       Iterator refIter;
 
       for (refIter = referenceInfoList.iterator(); refIter.hasNext();) {