diff options
Diffstat (limited to 'id.server/data/abnahme-test/xmldata/A300')
38 files changed, 2298 insertions, 0 deletions
diff --git a/id.server/data/abnahme-test/xmldata/A300/A301/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A301/AuthenticationData.xml new file mode 100644 index 000000000..03b1fbd3f --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A301/AuthenticationData.xml @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' > + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod> + <saml:SubjectConfirmationData></saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'> + <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType"> + + <pr:Name> + <pr:GivenName>Hermann</pr:GivenName> + <pr:FamilyName primary="undefined">Muster</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1968-10-22</pr:DateOfBirth> + </pr:Person></saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>true</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> +</saml:Assertion>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A301/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A301/Configuration.xml new file mode 100644 index 000000000..39d9a864b --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A301/Configuration.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) --> +<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"> + <AuthComponent> + <BKUSelection BKUSelectionAlternative="HTMLSelect"> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + </ConnectionParameter> + </BKUSelection> + <SecurityLayer> + <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/> + </SecurityLayer> + <MOA-SP> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore> + </ConnectionParameter> + <VerifyIdentityLink> + <TrustProfileID>TrustProfile1</TrustProfileID> + </VerifyIdentityLink> + <VerifyAuthBlock> + <TrustProfileID>TrustProfile1</TrustProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID> + </VerifyAuthBlock> + </MOA-SP> + <IdentityLinkSigners> + <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName> + <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName> + <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName> + <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName> + </IdentityLinkSigners> + </AuthComponent> + <ProxyComponent> + <AuthComponent> + <ConnectionParameter URL="AuthComponentURL"> + <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates> + <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore> + </ConnectionParameter> + </AuthComponent> + </ProxyComponent> + <OnlineApplication publicURLPrefix="https://localhost:9443/"> + <AuthComponent provideZMRZahl="false" provideAUTHBlock="false" provideIdentityLink="false"/> + <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2"> + <ConnectionParameter URL="ProxyComponentURL2"> + <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates> + <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore> + </ConnectionParameter> + </ProxyComponent> + </OnlineApplication> + <ChainingModes systemDefaultMode="pkix"> + <TrustAnchor mode="chaining"> + <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>536</dsig:X509SerialNumber> + </TrustAnchor> + </ChainingModes> + <GenericConfiguration name="authenticationSessionTimeOut" value="600"/> + <GenericConfiguration name="authenticationDataTimeOut" value="120"/> +</MOA-IDConfiguration> diff --git a/id.server/data/abnahme-test/xmldata/A300/A302/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A302/AuthenticationData.xml new file mode 100644 index 000000000..db46fb127 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A302/AuthenticationData.xml @@ -0,0 +1,121 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' > + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod> + <saml:SubjectConfirmationData><saml:Assertion AssertionID="zmr.bmi.gv.at-AssertionID-2003-02-12T20:28:34.474" IssueInstant="2003-02-12T20:28:34.474" Issuer="http://zmr.bmi.gv.at/zmra/names#Issuer" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <saml:AttributeStatement> + <saml:Subject> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod> + <saml:SubjectConfirmationData> + <pr:Person xsi:type="pr:PhysicalPersonType"> + <pr:Identification> + <pr:Value>123456789012</pr:Value> + <pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type> + </pr:Identification> + <pr:Name> + <pr:GivenName>Hermann</pr:GivenName> + <pr:FamilyName primary="undefined">Muster</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1968-10-22</pr:DateOfBirth> + </pr:Person> + </saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="http://www.buergerkarte.at/namespaces/personenbindung/20020506#"> + <saml:AttributeValue> + <dsig:RSAKeyValue xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:Modulus>0v1Ftf7WXgoexx0Jo/GrlExHOHnQIEQ5FFSjptLRd5BN1mZYRg2S9KfOMbHSCsiPm8AwjAEwE5EM +A6P18Z/YyTIuP7fNGzckbB5PYIgNMHL8/TYJhHA8CjamsBrEfYDXivE8iAvALg5I9RMLZADmzL7a +f2daYYuO8dycQw3xg6U=</dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="http://www.buergerkarte.at/namespaces/personenbindung/20020506#"> + <saml:AttributeValue> + <dsig:RSAKeyValue xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:Modulus>i2qa56X4fpYeXqFLXAcQljGU3+DWnVgNrAxI9gn2bMeFWtLXE2SFa6qvl9EymUl0noBlFn0q9DWp +AsyeLnRhzCAXJeSxiwsUEloOvcQCV0DfW2UVq0Y9bVlJ8KifJ2AS+5BxZ21mkc/VYx5Qz6EYjPrn +pIpdAwR9sw5xnIvTySc=</dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </saml:AttributeValue> + </saml:Attribute></saml:AttributeStatement> +<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>s7TfoZrYo36OMdlxGxuIfAw/wr8=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>ancestor-or-self::dsig:Manifest</dsig:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>dO+RSn4xLHT3cuq8uopFtZyUBqo=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>MFbZ5wA5cq0UezYFDXted5uqXubWFxxRwZawGh73XEAGxAbJsT/IEQmrTQThPRHNWW5RPGxVlPDz +5BmjberdaWlgJlbyKf3b/WpNNJYptQ7ijrXlsQoCzjfiQy37NEfvHEcxHQOA6sa42C+dFKsKIvmP +3mZkRYWJDxxsVzI7E+Y=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIDaDCCAtWgAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG +A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n +IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx +GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTE5NDRaFw0w +MzEyMzEyMjU5MzBaMIGOMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu +aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG +A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxGzAZBgNVBAMTEk1PQSBU +ZXN0IENBIC0gUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAjHuFphE3 ++UkTe2OcIFWUDLzhPl1j2dH4sMPAhDK09/0i+aWrdtQW9yHktu/7+LTiCiPeevT0 +lGMGDcWMSoSm66tYmpxei6YojCFIaVdJFtXZ7x1o7e7jTDVRLMfdZ5lI1sQ7loIY +hOE0OmlYOkn4AI6xMtJtsca45rV8wW7qm8kCAwEAAaOB2zCB2DAPBgNVHRMBAf8E +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAnsB +ATBCMEAGCCsGAQUFBwICMDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxy +IFRlc3R6d2Vja2UgZ2VlaWduZXQuMB0GA1UdDgQWBBRDC612dCgZetTmAKyV6DII +NkOoYTAWBgcqKAAKAQEBBAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZ +etTmAKyV6DIINkOoYTAJBgUrDgMCHQUAA4GBAHj0xBNWGYLijaocjOX1AkL+r+G2 +fZsX4z3S/2eEvtUp+EUHaOPMLTS0MIP1nwj5f4ZluAIrDLXihqMdi4xRv0W6QYbN +aDxICNz3/QbrzMlFPeC8odesdRlT+GGswX0ZGUtVIZm1HVhxRk5ZEW2pr2afo5c0 +Btxup/kgjGMnnS7C</dsig:X509Certificate><dsig:X509Certificate>MIIDiTCCAvagAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG +A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n +IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx +GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTI1MTRaFw0w +MzEyMzEyMjU5MzBaMIGZMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu +aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG +A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxJjAkBgNVBAMTHU1PQSBU +ZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB +iQKBgQCw7ULOYSNji09Ein7Ar4j3Rjxjq05spBmZDmbSomEZMnGEtVTyIRzKc8ia +2kcXUMz5MEoFaVmvqRim31m20T21uvHFIs86gqzC/prOAz7V7HWok5F+9M/5gR1S +BvpdqiEAXYeRXFPiOe8XSmpwhic7+n2jfuoBeYiRBEMGoP1DkwIDAQABo4HxMIHu +MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgHGMBEGCWCGSAGG+EIB +AQQEAwIBAjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAgMBATBCMEAGCCsGAQUFBwIC +MDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxyIFRlc3R6d2Vja2UgZ2Vl +aWduZXQuMB0GA1UdDgQWBBSeRWvUfxEjKZSfxImJr/fpBDtMmTAWBgcqKAAKAQEB +BAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZetTmAKyV6DIINkOoYTAJ +BgUrDgMCHQUAA4GBAIMa4C2z3SbkcjEiMNAsHKaKUCJkBbMtNaab6U/cwwYmG6nl +ga7xyEmbfY2SKzOqkcIwuv83Tma3rcr1f+OLUeGUaGLHt2Pl1a/s8BZGQZHWvLXv +7hV4RceEUHzVGAfvDD8iBJqBmfq/z/fBPFsgSup4nO1YECkDYfQ+sqCIP4ik</dsig:X509Certificate><dsig:X509Certificate>MIIDZzCCAtSgAwIBAgIBADAJBgUrDgMCHQUAMIGZMQswCQYDVQQGEwJBVDE9MDsG +A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n +IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx +JjAkBgNVBAMTHU1PQSBUZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMB4XDTAzMDIx +MTE1MzI0NVoXDTAzMDgxMTE0MzI0NVowgYUxCzAJBgNVBAYTAkFUMSYwJAYDVQQK +FB1CdW5kZXNtaW5pc3Rlcml1bSBm/HIgSW5uZXJlczEgMB4GA1UECxMXWmVudHJh +bGVzIE1lbGRlcmVnaXN0ZXIxLDAqBgNVBAMTI1Rlc3QgU2lnbmF0dXJkaWVuc3Qg +UGVyc29uZW5iaW5kdW5nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEzkpk +QjbGjZwssN1+vMBE/ALMcA8LWFcILI3uxXaTSWGfTiLo9ECfzjuwYJG7FjEaeWrW +nPEcp4VfMNocrm3T7Hw/ikpE5/+FsfTzD4MpIwwUPd/CUfA5vDNXK5CiP7qKKR1e +vATO2s6lfDul+CS/eEbwzKmUQvZGrJggxg2m5wIDAQABo4HYMIHVMAwGA1UdEwEB +/wQCMAAwDgYDVR0PAQH/BAQDAgbAMF0GA1UdIARWMFQwUgYMKwYBBAGVEgECAwEB +MEIwQAYIKwYBBQUHAgIwNBoyRGllc2VzIFplcnRpZmlrYXQgaXN0IG51ciBm/HIg +VGVzdHp3ZWNrZSBnZWVpZ25ldC4wHQYDVR0OBBYEFIpEyv43H3EtiGr4I7Z34bWj +v2z6MBYGByooAAoBAQEECwwJQk1PTFMtSUtUMB8GA1UdIwQYMBaAFJ5Fa9R/ESMp +lJ/EiYmv9+kEO0yZMAkGBSsOAwIdBQADgYEAfMBJRy/kp8HQa0lGIBfFrWNpxVPv +RsIu+N4IiFrswrsoQoMAh6IqNyzSdq7rJC08xsDkXe5HOwkb+2zGKYoC3aQ/J/zr +BGkg6ec4tOaS/VSdEQeTL1L30r2faTffWLUV3GrzL7pM7jN470hB1w8F6Hc3LCI7 +kFfp23o/juVtJNw=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object><dsig:Manifest><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>BqzfCB7dNg4G3u4YaxpD1tALdKI=</dsig:DigestValue></dsig:Reference></dsig:Manifest></dsig:Object></dsig:Signature></saml:Assertion></saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'> + <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType"> + + <pr:Name> + <pr:GivenName>Hermann</pr:GivenName> + <pr:FamilyName primary="undefined">Muster</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1968-10-22</pr:DateOfBirth> + </pr:Person></saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>true</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> +</saml:Assertion>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A302/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A302/Configuration.xml new file mode 100644 index 000000000..804a27e92 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A302/Configuration.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) --> +<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"> + <AuthComponent> + <BKUSelection BKUSelectionAlternative="HTMLSelect"> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + </ConnectionParameter> + </BKUSelection> + <SecurityLayer> + <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/> + </SecurityLayer> + <MOA-SP> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore> + </ConnectionParameter> + <VerifyIdentityLink> + <TrustProfileID>TrustProfile1</TrustProfileID> + </VerifyIdentityLink> + <VerifyAuthBlock> + <TrustProfileID>TrustProfile1</TrustProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID> + </VerifyAuthBlock> + </MOA-SP> + <IdentityLinkSigners> + <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName> + <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName> + <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName> + <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName> + </IdentityLinkSigners> + </AuthComponent> + <ProxyComponent> + <AuthComponent> + <ConnectionParameter URL="AuthComponentURL"> + <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates> + <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore> + </ConnectionParameter> + </AuthComponent> + </ProxyComponent> + <OnlineApplication publicURLPrefix="https://localhost:9443/"> + <AuthComponent provideZMRZahl="false" provideAUTHBlock="false" provideIdentityLink="true"/> + <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2"> + <ConnectionParameter URL="ProxyComponentURL2"> + <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates> + <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore> + </ConnectionParameter> + </ProxyComponent> + </OnlineApplication> + <ChainingModes systemDefaultMode="pkix"> + <TrustAnchor mode="chaining"> + <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>536</dsig:X509SerialNumber> + </TrustAnchor> + </ChainingModes> + <GenericConfiguration name="authenticationSessionTimeOut" value="600"/> + <GenericConfiguration name="authenticationDataTimeOut" value="120"/> +</MOA-IDConfiguration> diff --git a/id.server/data/abnahme-test/xmldata/A300/A303/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A303/AuthenticationData.xml new file mode 100644 index 000000000..12cfbb668 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A303/AuthenticationData.xml @@ -0,0 +1,37 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' > + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod> + <saml:SubjectConfirmationData><saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' MajorVersion='1' MinorVersion='0' Issuer='Hermann Muster' > + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>https://localhost:8443/auth</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName='Geschäftsbereich' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName='OA' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> +</saml:Assertion></saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'> + <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType"> + + <pr:Name> + <pr:GivenName>Hermann</pr:GivenName> + <pr:FamilyName primary="undefined">Muster</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1968-10-22</pr:DateOfBirth> + </pr:Person></saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>true</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> +</saml:Assertion>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A303/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A303/Configuration.xml new file mode 100644 index 000000000..2067a40c7 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A303/Configuration.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) --> +<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"> + <AuthComponent> + <BKUSelection BKUSelectionAlternative="HTMLSelect"> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + </ConnectionParameter> + </BKUSelection> + <SecurityLayer> + <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/> + </SecurityLayer> + <MOA-SP> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore> + </ConnectionParameter> + <VerifyIdentityLink> + <TrustProfileID>TrustProfile1</TrustProfileID> + </VerifyIdentityLink> + <VerifyAuthBlock> + <TrustProfileID>TrustProfile1</TrustProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID> + </VerifyAuthBlock> + </MOA-SP> + <IdentityLinkSigners> + <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName> + <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName> + <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName> + <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName> + </IdentityLinkSigners> + </AuthComponent> + <ProxyComponent> + <AuthComponent> + <ConnectionParameter URL="AuthComponentURL"> + <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates> + <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore> + </ConnectionParameter> + </AuthComponent> + </ProxyComponent> + <OnlineApplication publicURLPrefix="https://localhost:9443/"> + <AuthComponent provideZMRZahl="false" provideAUTHBlock="true" provideIdentityLink="false"/> + <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2"> + <ConnectionParameter URL="ProxyComponentURL2"> + <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates> + <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore> + </ConnectionParameter> + </ProxyComponent> + </OnlineApplication> + <ChainingModes systemDefaultMode="pkix"> + <TrustAnchor mode="chaining"> + <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>536</dsig:X509SerialNumber> + </TrustAnchor> + </ChainingModes> + <GenericConfiguration name="authenticationSessionTimeOut" value="600"/> + <GenericConfiguration name="authenticationDataTimeOut" value="120"/> +</MOA-IDConfiguration> diff --git a/id.server/data/abnahme-test/xmldata/A300/A304/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A304/AuthenticationData.xml new file mode 100644 index 000000000..7e05dbfe1 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A304/AuthenticationData.xml @@ -0,0 +1,133 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' > + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod> + <saml:SubjectConfirmationData><saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' MajorVersion='1' MinorVersion='0' Issuer='Hermann Muster' > + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>https://localhost:8443/auth</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName='Geschäftsbereich' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName='OA' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> +</saml:Assertion><saml:Assertion AssertionID="zmr.bmi.gv.at-AssertionID-2003-02-12T20:28:34.474" IssueInstant="2003-02-12T20:28:34.474" Issuer="http://zmr.bmi.gv.at/zmra/names#Issuer" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <saml:AttributeStatement> + <saml:Subject> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod> + <saml:SubjectConfirmationData> + <pr:Person xsi:type="pr:PhysicalPersonType"> + <pr:Identification> + <pr:Value>123456789012</pr:Value> + <pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type> + </pr:Identification> + <pr:Name> + <pr:GivenName>Hermann</pr:GivenName> + <pr:FamilyName primary="undefined">Muster</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1968-10-22</pr:DateOfBirth> + </pr:Person> + </saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="http://www.buergerkarte.at/namespaces/personenbindung/20020506#"> + <saml:AttributeValue> + <dsig:RSAKeyValue xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:Modulus>0v1Ftf7WXgoexx0Jo/GrlExHOHnQIEQ5FFSjptLRd5BN1mZYRg2S9KfOMbHSCsiPm8AwjAEwE5EM +A6P18Z/YyTIuP7fNGzckbB5PYIgNMHL8/TYJhHA8CjamsBrEfYDXivE8iAvALg5I9RMLZADmzL7a +f2daYYuO8dycQw3xg6U=</dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="http://www.buergerkarte.at/namespaces/personenbindung/20020506#"> + <saml:AttributeValue> + <dsig:RSAKeyValue xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:Modulus>i2qa56X4fpYeXqFLXAcQljGU3+DWnVgNrAxI9gn2bMeFWtLXE2SFa6qvl9EymUl0noBlFn0q9DWp +AsyeLnRhzCAXJeSxiwsUEloOvcQCV0DfW2UVq0Y9bVlJ8KifJ2AS+5BxZ21mkc/VYx5Qz6EYjPrn +pIpdAwR9sw5xnIvTySc=</dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </saml:AttributeValue> + </saml:Attribute></saml:AttributeStatement> +<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>s7TfoZrYo36OMdlxGxuIfAw/wr8=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>ancestor-or-self::dsig:Manifest</dsig:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>dO+RSn4xLHT3cuq8uopFtZyUBqo=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>MFbZ5wA5cq0UezYFDXted5uqXubWFxxRwZawGh73XEAGxAbJsT/IEQmrTQThPRHNWW5RPGxVlPDz +5BmjberdaWlgJlbyKf3b/WpNNJYptQ7ijrXlsQoCzjfiQy37NEfvHEcxHQOA6sa42C+dFKsKIvmP +3mZkRYWJDxxsVzI7E+Y=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIDaDCCAtWgAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG +A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n +IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx +GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTE5NDRaFw0w +MzEyMzEyMjU5MzBaMIGOMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu +aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG +A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxGzAZBgNVBAMTEk1PQSBU +ZXN0IENBIC0gUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAjHuFphE3 ++UkTe2OcIFWUDLzhPl1j2dH4sMPAhDK09/0i+aWrdtQW9yHktu/7+LTiCiPeevT0 +lGMGDcWMSoSm66tYmpxei6YojCFIaVdJFtXZ7x1o7e7jTDVRLMfdZ5lI1sQ7loIY +hOE0OmlYOkn4AI6xMtJtsca45rV8wW7qm8kCAwEAAaOB2zCB2DAPBgNVHRMBAf8E +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAnsB +ATBCMEAGCCsGAQUFBwICMDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxy +IFRlc3R6d2Vja2UgZ2VlaWduZXQuMB0GA1UdDgQWBBRDC612dCgZetTmAKyV6DII +NkOoYTAWBgcqKAAKAQEBBAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZ +etTmAKyV6DIINkOoYTAJBgUrDgMCHQUAA4GBAHj0xBNWGYLijaocjOX1AkL+r+G2 +fZsX4z3S/2eEvtUp+EUHaOPMLTS0MIP1nwj5f4ZluAIrDLXihqMdi4xRv0W6QYbN +aDxICNz3/QbrzMlFPeC8odesdRlT+GGswX0ZGUtVIZm1HVhxRk5ZEW2pr2afo5c0 +Btxup/kgjGMnnS7C</dsig:X509Certificate><dsig:X509Certificate>MIIDiTCCAvagAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG +A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n +IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx +GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTI1MTRaFw0w +MzEyMzEyMjU5MzBaMIGZMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu +aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG +A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxJjAkBgNVBAMTHU1PQSBU +ZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB +iQKBgQCw7ULOYSNji09Ein7Ar4j3Rjxjq05spBmZDmbSomEZMnGEtVTyIRzKc8ia +2kcXUMz5MEoFaVmvqRim31m20T21uvHFIs86gqzC/prOAz7V7HWok5F+9M/5gR1S +BvpdqiEAXYeRXFPiOe8XSmpwhic7+n2jfuoBeYiRBEMGoP1DkwIDAQABo4HxMIHu +MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgHGMBEGCWCGSAGG+EIB +AQQEAwIBAjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAgMBATBCMEAGCCsGAQUFBwIC +MDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxyIFRlc3R6d2Vja2UgZ2Vl +aWduZXQuMB0GA1UdDgQWBBSeRWvUfxEjKZSfxImJr/fpBDtMmTAWBgcqKAAKAQEB +BAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZetTmAKyV6DIINkOoYTAJ +BgUrDgMCHQUAA4GBAIMa4C2z3SbkcjEiMNAsHKaKUCJkBbMtNaab6U/cwwYmG6nl +ga7xyEmbfY2SKzOqkcIwuv83Tma3rcr1f+OLUeGUaGLHt2Pl1a/s8BZGQZHWvLXv +7hV4RceEUHzVGAfvDD8iBJqBmfq/z/fBPFsgSup4nO1YECkDYfQ+sqCIP4ik</dsig:X509Certificate><dsig:X509Certificate>MIIDZzCCAtSgAwIBAgIBADAJBgUrDgMCHQUAMIGZMQswCQYDVQQGEwJBVDE9MDsG +A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n +IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx +JjAkBgNVBAMTHU1PQSBUZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMB4XDTAzMDIx +MTE1MzI0NVoXDTAzMDgxMTE0MzI0NVowgYUxCzAJBgNVBAYTAkFUMSYwJAYDVQQK +FB1CdW5kZXNtaW5pc3Rlcml1bSBm/HIgSW5uZXJlczEgMB4GA1UECxMXWmVudHJh +bGVzIE1lbGRlcmVnaXN0ZXIxLDAqBgNVBAMTI1Rlc3QgU2lnbmF0dXJkaWVuc3Qg +UGVyc29uZW5iaW5kdW5nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEzkpk +QjbGjZwssN1+vMBE/ALMcA8LWFcILI3uxXaTSWGfTiLo9ECfzjuwYJG7FjEaeWrW +nPEcp4VfMNocrm3T7Hw/ikpE5/+FsfTzD4MpIwwUPd/CUfA5vDNXK5CiP7qKKR1e +vATO2s6lfDul+CS/eEbwzKmUQvZGrJggxg2m5wIDAQABo4HYMIHVMAwGA1UdEwEB +/wQCMAAwDgYDVR0PAQH/BAQDAgbAMF0GA1UdIARWMFQwUgYMKwYBBAGVEgECAwEB +MEIwQAYIKwYBBQUHAgIwNBoyRGllc2VzIFplcnRpZmlrYXQgaXN0IG51ciBm/HIg +VGVzdHp3ZWNrZSBnZWVpZ25ldC4wHQYDVR0OBBYEFIpEyv43H3EtiGr4I7Z34bWj +v2z6MBYGByooAAoBAQEECwwJQk1PTFMtSUtUMB8GA1UdIwQYMBaAFJ5Fa9R/ESMp +lJ/EiYmv9+kEO0yZMAkGBSsOAwIdBQADgYEAfMBJRy/kp8HQa0lGIBfFrWNpxVPv +RsIu+N4IiFrswrsoQoMAh6IqNyzSdq7rJC08xsDkXe5HOwkb+2zGKYoC3aQ/J/zr +BGkg6ec4tOaS/VSdEQeTL1L30r2faTffWLUV3GrzL7pM7jN470hB1w8F6Hc3LCI7 +kFfp23o/juVtJNw=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object><dsig:Manifest><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>BqzfCB7dNg4G3u4YaxpD1tALdKI=</dsig:DigestValue></dsig:Reference></dsig:Manifest></dsig:Object></dsig:Signature></saml:Assertion></saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'> + <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType"> + + <pr:Name> + <pr:GivenName>Hermann</pr:GivenName> + <pr:FamilyName primary="undefined">Muster</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1968-10-22</pr:DateOfBirth> + </pr:Person></saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>true</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> +</saml:Assertion>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A304/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A304/Configuration.xml new file mode 100644 index 000000000..bc1bc17ce --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A304/Configuration.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) --> +<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"> + <AuthComponent> + <BKUSelection BKUSelectionAlternative="HTMLSelect"> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + </ConnectionParameter> + </BKUSelection> + <SecurityLayer> + <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/> + </SecurityLayer> + <MOA-SP> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore> + </ConnectionParameter> + <VerifyIdentityLink> + <TrustProfileID>TrustProfile1</TrustProfileID> + </VerifyIdentityLink> + <VerifyAuthBlock> + <TrustProfileID>TrustProfile1</TrustProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID> + </VerifyAuthBlock> + </MOA-SP> + <IdentityLinkSigners> + <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName> + <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName> + <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName> + <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName> + </IdentityLinkSigners> + </AuthComponent> + <ProxyComponent> + <AuthComponent> + <ConnectionParameter URL="AuthComponentURL"> + <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates> + <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore> + </ConnectionParameter> + </AuthComponent> + </ProxyComponent> + <OnlineApplication publicURLPrefix="https://localhost:9443/"> + <AuthComponent provideZMRZahl="false" provideAUTHBlock="true" provideIdentityLink="true"/> + <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2"> + <ConnectionParameter URL="ProxyComponentURL2"> + <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates> + <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore> + </ConnectionParameter> + </ProxyComponent> + </OnlineApplication> + <ChainingModes systemDefaultMode="pkix"> + <TrustAnchor mode="chaining"> + <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>536</dsig:X509SerialNumber> + </TrustAnchor> + </ChainingModes> + <GenericConfiguration name="authenticationSessionTimeOut" value="600"/> + <GenericConfiguration name="authenticationDataTimeOut" value="120"/> +</MOA-IDConfiguration> diff --git a/id.server/data/abnahme-test/xmldata/A300/A305/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A305/AuthenticationData.xml new file mode 100644 index 000000000..124f7e5d0 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A305/AuthenticationData.xml @@ -0,0 +1,28 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' > + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod> + <saml:SubjectConfirmationData></saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'> + <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType"> + <pr:Identification> + <pr:Value>123456789012</pr:Value> + <pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type> + </pr:Identification> + <pr:Name> + <pr:GivenName>Hermann</pr:GivenName> + <pr:FamilyName primary="undefined">Muster</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1968-10-22</pr:DateOfBirth> + </pr:Person></saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>true</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> +</saml:Assertion>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A305/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A305/Configuration.xml new file mode 100644 index 000000000..7a2ed2017 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A305/Configuration.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) --> +<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"> + <AuthComponent> + <BKUSelection BKUSelectionAlternative="HTMLSelect"> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + </ConnectionParameter> + </BKUSelection> + <SecurityLayer> + <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/> + </SecurityLayer> + <MOA-SP> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore> + </ConnectionParameter> + <VerifyIdentityLink> + <TrustProfileID>TrustProfile1</TrustProfileID> + </VerifyIdentityLink> + <VerifyAuthBlock> + <TrustProfileID>TrustProfile1</TrustProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID> + </VerifyAuthBlock> + </MOA-SP> + <IdentityLinkSigners> + <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName> + <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName> + <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName> + <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName> + </IdentityLinkSigners> + </AuthComponent> + <ProxyComponent> + <AuthComponent> + <ConnectionParameter URL="AuthComponentURL"> + <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates> + <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore> + </ConnectionParameter> + </AuthComponent> + </ProxyComponent> + <OnlineApplication publicURLPrefix="https://localhost:9443/"> + <AuthComponent provideZMRZahl="true" provideAUTHBlock="false" provideIdentityLink="false"/> + <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2"> + <ConnectionParameter URL="ProxyComponentURL2"> + <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates> + <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore> + </ConnectionParameter> + </ProxyComponent> + </OnlineApplication> + <ChainingModes systemDefaultMode="pkix"> + <TrustAnchor mode="chaining"> + <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>536</dsig:X509SerialNumber> + </TrustAnchor> + </ChainingModes> + <GenericConfiguration name="authenticationSessionTimeOut" value="600"/> + <GenericConfiguration name="authenticationDataTimeOut" value="120"/> +</MOA-IDConfiguration> diff --git a/id.server/data/abnahme-test/xmldata/A300/A306/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A306/AuthenticationData.xml new file mode 100644 index 000000000..9b39890d1 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A306/AuthenticationData.xml @@ -0,0 +1,124 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' > + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod> + <saml:SubjectConfirmationData><saml:Assertion AssertionID="zmr.bmi.gv.at-AssertionID-2003-02-12T20:28:34.474" IssueInstant="2003-02-12T20:28:34.474" Issuer="http://zmr.bmi.gv.at/zmra/names#Issuer" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <saml:AttributeStatement> + <saml:Subject> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod> + <saml:SubjectConfirmationData> + <pr:Person xsi:type="pr:PhysicalPersonType"> + <pr:Identification> + <pr:Value>123456789012</pr:Value> + <pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type> + </pr:Identification> + <pr:Name> + <pr:GivenName>Hermann</pr:GivenName> + <pr:FamilyName primary="undefined">Muster</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1968-10-22</pr:DateOfBirth> + </pr:Person> + </saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="http://www.buergerkarte.at/namespaces/personenbindung/20020506#"> + <saml:AttributeValue> + <dsig:RSAKeyValue xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:Modulus>0v1Ftf7WXgoexx0Jo/GrlExHOHnQIEQ5FFSjptLRd5BN1mZYRg2S9KfOMbHSCsiPm8AwjAEwE5EM +A6P18Z/YyTIuP7fNGzckbB5PYIgNMHL8/TYJhHA8CjamsBrEfYDXivE8iAvALg5I9RMLZADmzL7a +f2daYYuO8dycQw3xg6U=</dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="http://www.buergerkarte.at/namespaces/personenbindung/20020506#"> + <saml:AttributeValue> + <dsig:RSAKeyValue xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:Modulus>i2qa56X4fpYeXqFLXAcQljGU3+DWnVgNrAxI9gn2bMeFWtLXE2SFa6qvl9EymUl0noBlFn0q9DWp +AsyeLnRhzCAXJeSxiwsUEloOvcQCV0DfW2UVq0Y9bVlJ8KifJ2AS+5BxZ21mkc/VYx5Qz6EYjPrn +pIpdAwR9sw5xnIvTySc=</dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </saml:AttributeValue> + </saml:Attribute></saml:AttributeStatement> +<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>s7TfoZrYo36OMdlxGxuIfAw/wr8=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>ancestor-or-self::dsig:Manifest</dsig:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>dO+RSn4xLHT3cuq8uopFtZyUBqo=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>MFbZ5wA5cq0UezYFDXted5uqXubWFxxRwZawGh73XEAGxAbJsT/IEQmrTQThPRHNWW5RPGxVlPDz +5BmjberdaWlgJlbyKf3b/WpNNJYptQ7ijrXlsQoCzjfiQy37NEfvHEcxHQOA6sa42C+dFKsKIvmP +3mZkRYWJDxxsVzI7E+Y=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIDaDCCAtWgAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG +A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n +IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx +GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTE5NDRaFw0w +MzEyMzEyMjU5MzBaMIGOMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu +aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG +A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxGzAZBgNVBAMTEk1PQSBU +ZXN0IENBIC0gUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAjHuFphE3 ++UkTe2OcIFWUDLzhPl1j2dH4sMPAhDK09/0i+aWrdtQW9yHktu/7+LTiCiPeevT0 +lGMGDcWMSoSm66tYmpxei6YojCFIaVdJFtXZ7x1o7e7jTDVRLMfdZ5lI1sQ7loIY +hOE0OmlYOkn4AI6xMtJtsca45rV8wW7qm8kCAwEAAaOB2zCB2DAPBgNVHRMBAf8E +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAnsB +ATBCMEAGCCsGAQUFBwICMDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxy +IFRlc3R6d2Vja2UgZ2VlaWduZXQuMB0GA1UdDgQWBBRDC612dCgZetTmAKyV6DII +NkOoYTAWBgcqKAAKAQEBBAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZ +etTmAKyV6DIINkOoYTAJBgUrDgMCHQUAA4GBAHj0xBNWGYLijaocjOX1AkL+r+G2 +fZsX4z3S/2eEvtUp+EUHaOPMLTS0MIP1nwj5f4ZluAIrDLXihqMdi4xRv0W6QYbN +aDxICNz3/QbrzMlFPeC8odesdRlT+GGswX0ZGUtVIZm1HVhxRk5ZEW2pr2afo5c0 +Btxup/kgjGMnnS7C</dsig:X509Certificate><dsig:X509Certificate>MIIDiTCCAvagAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG +A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n +IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx +GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTI1MTRaFw0w +MzEyMzEyMjU5MzBaMIGZMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu +aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG +A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxJjAkBgNVBAMTHU1PQSBU +ZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB +iQKBgQCw7ULOYSNji09Ein7Ar4j3Rjxjq05spBmZDmbSomEZMnGEtVTyIRzKc8ia +2kcXUMz5MEoFaVmvqRim31m20T21uvHFIs86gqzC/prOAz7V7HWok5F+9M/5gR1S +BvpdqiEAXYeRXFPiOe8XSmpwhic7+n2jfuoBeYiRBEMGoP1DkwIDAQABo4HxMIHu +MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgHGMBEGCWCGSAGG+EIB +AQQEAwIBAjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAgMBATBCMEAGCCsGAQUFBwIC +MDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxyIFRlc3R6d2Vja2UgZ2Vl +aWduZXQuMB0GA1UdDgQWBBSeRWvUfxEjKZSfxImJr/fpBDtMmTAWBgcqKAAKAQEB +BAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZetTmAKyV6DIINkOoYTAJ +BgUrDgMCHQUAA4GBAIMa4C2z3SbkcjEiMNAsHKaKUCJkBbMtNaab6U/cwwYmG6nl +ga7xyEmbfY2SKzOqkcIwuv83Tma3rcr1f+OLUeGUaGLHt2Pl1a/s8BZGQZHWvLXv +7hV4RceEUHzVGAfvDD8iBJqBmfq/z/fBPFsgSup4nO1YECkDYfQ+sqCIP4ik</dsig:X509Certificate><dsig:X509Certificate>MIIDZzCCAtSgAwIBAgIBADAJBgUrDgMCHQUAMIGZMQswCQYDVQQGEwJBVDE9MDsG +A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n +IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx +JjAkBgNVBAMTHU1PQSBUZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMB4XDTAzMDIx +MTE1MzI0NVoXDTAzMDgxMTE0MzI0NVowgYUxCzAJBgNVBAYTAkFUMSYwJAYDVQQK +FB1CdW5kZXNtaW5pc3Rlcml1bSBm/HIgSW5uZXJlczEgMB4GA1UECxMXWmVudHJh +bGVzIE1lbGRlcmVnaXN0ZXIxLDAqBgNVBAMTI1Rlc3QgU2lnbmF0dXJkaWVuc3Qg +UGVyc29uZW5iaW5kdW5nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEzkpk +QjbGjZwssN1+vMBE/ALMcA8LWFcILI3uxXaTSWGfTiLo9ECfzjuwYJG7FjEaeWrW +nPEcp4VfMNocrm3T7Hw/ikpE5/+FsfTzD4MpIwwUPd/CUfA5vDNXK5CiP7qKKR1e +vATO2s6lfDul+CS/eEbwzKmUQvZGrJggxg2m5wIDAQABo4HYMIHVMAwGA1UdEwEB +/wQCMAAwDgYDVR0PAQH/BAQDAgbAMF0GA1UdIARWMFQwUgYMKwYBBAGVEgECAwEB +MEIwQAYIKwYBBQUHAgIwNBoyRGllc2VzIFplcnRpZmlrYXQgaXN0IG51ciBm/HIg +VGVzdHp3ZWNrZSBnZWVpZ25ldC4wHQYDVR0OBBYEFIpEyv43H3EtiGr4I7Z34bWj +v2z6MBYGByooAAoBAQEECwwJQk1PTFMtSUtUMB8GA1UdIwQYMBaAFJ5Fa9R/ESMp +lJ/EiYmv9+kEO0yZMAkGBSsOAwIdBQADgYEAfMBJRy/kp8HQa0lGIBfFrWNpxVPv +RsIu+N4IiFrswrsoQoMAh6IqNyzSdq7rJC08xsDkXe5HOwkb+2zGKYoC3aQ/J/zr +BGkg6ec4tOaS/VSdEQeTL1L30r2faTffWLUV3GrzL7pM7jN470hB1w8F6Hc3LCI7 +kFfp23o/juVtJNw=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object><dsig:Manifest><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>BqzfCB7dNg4G3u4YaxpD1tALdKI=</dsig:DigestValue></dsig:Reference></dsig:Manifest></dsig:Object></dsig:Signature></saml:Assertion></saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'> + <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType"> + <pr:Identification> + <pr:Value>123456789012</pr:Value> + <pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type> + </pr:Identification> + <pr:Name> + <pr:GivenName>Hermann</pr:GivenName> + <pr:FamilyName primary="undefined">Muster</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1968-10-22</pr:DateOfBirth> + </pr:Person></saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>true</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> +</saml:Assertion>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A306/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A306/Configuration.xml new file mode 100644 index 000000000..3750de781 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A306/Configuration.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) --> +<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"> + <AuthComponent> + <BKUSelection BKUSelectionAlternative="HTMLSelect"> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + </ConnectionParameter> + </BKUSelection> + <SecurityLayer> + <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/> + </SecurityLayer> + <MOA-SP> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore> + </ConnectionParameter> + <VerifyIdentityLink> + <TrustProfileID>TrustProfile1</TrustProfileID> + </VerifyIdentityLink> + <VerifyAuthBlock> + <TrustProfileID>TrustProfile1</TrustProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID> + </VerifyAuthBlock> + </MOA-SP> + <IdentityLinkSigners> + <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName> + <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName> + <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName> + <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName> + </IdentityLinkSigners> + </AuthComponent> + <ProxyComponent> + <AuthComponent> + <ConnectionParameter URL="AuthComponentURL"> + <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates> + <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore> + </ConnectionParameter> + </AuthComponent> + </ProxyComponent> + <OnlineApplication publicURLPrefix="https://localhost:9443/"> + <AuthComponent provideZMRZahl="true" provideAUTHBlock="false" provideIdentityLink="true"/> + <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2"> + <ConnectionParameter URL="ProxyComponentURL2"> + <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates> + <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore> + </ConnectionParameter> + </ProxyComponent> + </OnlineApplication> + <ChainingModes systemDefaultMode="pkix"> + <TrustAnchor mode="chaining"> + <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>536</dsig:X509SerialNumber> + </TrustAnchor> + </ChainingModes> + <GenericConfiguration name="authenticationSessionTimeOut" value="600"/> + <GenericConfiguration name="authenticationDataTimeOut" value="120"/> +</MOA-IDConfiguration> diff --git a/id.server/data/abnahme-test/xmldata/A300/A307/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A307/AuthenticationData.xml new file mode 100644 index 000000000..499a3908e --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A307/AuthenticationData.xml @@ -0,0 +1,40 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' > + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod> + <saml:SubjectConfirmationData><saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' MajorVersion='1' MinorVersion='0' Issuer='Hermann Muster' > + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>https://localhost:8443/auth</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName='Geschäftsbereich' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName='OA' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> +</saml:Assertion></saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'> + <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType"> + <pr:Identification> + <pr:Value>123456789012</pr:Value> + <pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type> + </pr:Identification> + <pr:Name> + <pr:GivenName>Hermann</pr:GivenName> + <pr:FamilyName primary="undefined">Muster</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1968-10-22</pr:DateOfBirth> + </pr:Person></saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>true</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> +</saml:Assertion>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A307/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A307/Configuration.xml new file mode 100644 index 000000000..7400f791a --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A307/Configuration.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) --> +<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"> + <AuthComponent> + <BKUSelection BKUSelectionAlternative="HTMLSelect"> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + </ConnectionParameter> + </BKUSelection> + <SecurityLayer> + <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/> + </SecurityLayer> + <MOA-SP> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore> + </ConnectionParameter> + <VerifyIdentityLink> + <TrustProfileID>TrustProfile1</TrustProfileID> + </VerifyIdentityLink> + <VerifyAuthBlock> + <TrustProfileID>TrustProfile1</TrustProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID> + </VerifyAuthBlock> + </MOA-SP> + <IdentityLinkSigners> + <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName> + <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName> + <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName> + <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName> + </IdentityLinkSigners> + </AuthComponent> + <ProxyComponent> + <AuthComponent> + <ConnectionParameter URL="AuthComponentURL"> + <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates> + <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore> + </ConnectionParameter> + </AuthComponent> + </ProxyComponent> + <OnlineApplication publicURLPrefix="https://localhost:9443/"> + <AuthComponent provideZMRZahl="true" provideAUTHBlock="true" provideIdentityLink="false"/> + <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2"> + <ConnectionParameter URL="ProxyComponentURL2"> + <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates> + <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore> + </ConnectionParameter> + </ProxyComponent> + </OnlineApplication> + <ChainingModes systemDefaultMode="pkix"> + <TrustAnchor mode="chaining"> + <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>536</dsig:X509SerialNumber> + </TrustAnchor> + </ChainingModes> + <GenericConfiguration name="authenticationSessionTimeOut" value="600"/> + <GenericConfiguration name="authenticationDataTimeOut" value="120"/> +</MOA-IDConfiguration> diff --git a/id.server/data/abnahme-test/xmldata/A300/A308/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A308/AuthenticationData.xml new file mode 100644 index 000000000..32b3d31f9 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A308/AuthenticationData.xml @@ -0,0 +1,136 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' > + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod> + <saml:SubjectConfirmationData><saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' MajorVersion='1' MinorVersion='0' Issuer='Hermann Muster' > + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>https://localhost:8443/auth</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName='Geschäftsbereich' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName='OA' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> +</saml:Assertion><saml:Assertion AssertionID="zmr.bmi.gv.at-AssertionID-2003-02-12T20:28:34.474" IssueInstant="2003-02-12T20:28:34.474" Issuer="http://zmr.bmi.gv.at/zmra/names#Issuer" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <saml:AttributeStatement> + <saml:Subject> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod> + <saml:SubjectConfirmationData> + <pr:Person xsi:type="pr:PhysicalPersonType"> + <pr:Identification> + <pr:Value>123456789012</pr:Value> + <pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type> + </pr:Identification> + <pr:Name> + <pr:GivenName>Hermann</pr:GivenName> + <pr:FamilyName primary="undefined">Muster</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1968-10-22</pr:DateOfBirth> + </pr:Person> + </saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="http://www.buergerkarte.at/namespaces/personenbindung/20020506#"> + <saml:AttributeValue> + <dsig:RSAKeyValue xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:Modulus>0v1Ftf7WXgoexx0Jo/GrlExHOHnQIEQ5FFSjptLRd5BN1mZYRg2S9KfOMbHSCsiPm8AwjAEwE5EM +A6P18Z/YyTIuP7fNGzckbB5PYIgNMHL8/TYJhHA8CjamsBrEfYDXivE8iAvALg5I9RMLZADmzL7a +f2daYYuO8dycQw3xg6U=</dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="http://www.buergerkarte.at/namespaces/personenbindung/20020506#"> + <saml:AttributeValue> + <dsig:RSAKeyValue xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:Modulus>i2qa56X4fpYeXqFLXAcQljGU3+DWnVgNrAxI9gn2bMeFWtLXE2SFa6qvl9EymUl0noBlFn0q9DWp +AsyeLnRhzCAXJeSxiwsUEloOvcQCV0DfW2UVq0Y9bVlJ8KifJ2AS+5BxZ21mkc/VYx5Qz6EYjPrn +pIpdAwR9sw5xnIvTySc=</dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </saml:AttributeValue> + </saml:Attribute></saml:AttributeStatement> +<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>s7TfoZrYo36OMdlxGxuIfAw/wr8=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>ancestor-or-self::dsig:Manifest</dsig:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>dO+RSn4xLHT3cuq8uopFtZyUBqo=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>MFbZ5wA5cq0UezYFDXted5uqXubWFxxRwZawGh73XEAGxAbJsT/IEQmrTQThPRHNWW5RPGxVlPDz +5BmjberdaWlgJlbyKf3b/WpNNJYptQ7ijrXlsQoCzjfiQy37NEfvHEcxHQOA6sa42C+dFKsKIvmP +3mZkRYWJDxxsVzI7E+Y=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIDaDCCAtWgAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG +A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n +IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx +GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTE5NDRaFw0w +MzEyMzEyMjU5MzBaMIGOMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu +aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG +A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxGzAZBgNVBAMTEk1PQSBU +ZXN0IENBIC0gUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAjHuFphE3 ++UkTe2OcIFWUDLzhPl1j2dH4sMPAhDK09/0i+aWrdtQW9yHktu/7+LTiCiPeevT0 +lGMGDcWMSoSm66tYmpxei6YojCFIaVdJFtXZ7x1o7e7jTDVRLMfdZ5lI1sQ7loIY +hOE0OmlYOkn4AI6xMtJtsca45rV8wW7qm8kCAwEAAaOB2zCB2DAPBgNVHRMBAf8E +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAnsB +ATBCMEAGCCsGAQUFBwICMDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxy +IFRlc3R6d2Vja2UgZ2VlaWduZXQuMB0GA1UdDgQWBBRDC612dCgZetTmAKyV6DII +NkOoYTAWBgcqKAAKAQEBBAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZ +etTmAKyV6DIINkOoYTAJBgUrDgMCHQUAA4GBAHj0xBNWGYLijaocjOX1AkL+r+G2 +fZsX4z3S/2eEvtUp+EUHaOPMLTS0MIP1nwj5f4ZluAIrDLXihqMdi4xRv0W6QYbN +aDxICNz3/QbrzMlFPeC8odesdRlT+GGswX0ZGUtVIZm1HVhxRk5ZEW2pr2afo5c0 +Btxup/kgjGMnnS7C</dsig:X509Certificate><dsig:X509Certificate>MIIDiTCCAvagAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG +A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n +IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx +GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTI1MTRaFw0w +MzEyMzEyMjU5MzBaMIGZMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu +aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG +A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxJjAkBgNVBAMTHU1PQSBU +ZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB +iQKBgQCw7ULOYSNji09Ein7Ar4j3Rjxjq05spBmZDmbSomEZMnGEtVTyIRzKc8ia +2kcXUMz5MEoFaVmvqRim31m20T21uvHFIs86gqzC/prOAz7V7HWok5F+9M/5gR1S +BvpdqiEAXYeRXFPiOe8XSmpwhic7+n2jfuoBeYiRBEMGoP1DkwIDAQABo4HxMIHu +MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgHGMBEGCWCGSAGG+EIB +AQQEAwIBAjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAgMBATBCMEAGCCsGAQUFBwIC +MDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxyIFRlc3R6d2Vja2UgZ2Vl +aWduZXQuMB0GA1UdDgQWBBSeRWvUfxEjKZSfxImJr/fpBDtMmTAWBgcqKAAKAQEB +BAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZetTmAKyV6DIINkOoYTAJ +BgUrDgMCHQUAA4GBAIMa4C2z3SbkcjEiMNAsHKaKUCJkBbMtNaab6U/cwwYmG6nl +ga7xyEmbfY2SKzOqkcIwuv83Tma3rcr1f+OLUeGUaGLHt2Pl1a/s8BZGQZHWvLXv +7hV4RceEUHzVGAfvDD8iBJqBmfq/z/fBPFsgSup4nO1YECkDYfQ+sqCIP4ik</dsig:X509Certificate><dsig:X509Certificate>MIIDZzCCAtSgAwIBAgIBADAJBgUrDgMCHQUAMIGZMQswCQYDVQQGEwJBVDE9MDsG +A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n +IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx +JjAkBgNVBAMTHU1PQSBUZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMB4XDTAzMDIx +MTE1MzI0NVoXDTAzMDgxMTE0MzI0NVowgYUxCzAJBgNVBAYTAkFUMSYwJAYDVQQK +FB1CdW5kZXNtaW5pc3Rlcml1bSBm/HIgSW5uZXJlczEgMB4GA1UECxMXWmVudHJh +bGVzIE1lbGRlcmVnaXN0ZXIxLDAqBgNVBAMTI1Rlc3QgU2lnbmF0dXJkaWVuc3Qg +UGVyc29uZW5iaW5kdW5nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEzkpk +QjbGjZwssN1+vMBE/ALMcA8LWFcILI3uxXaTSWGfTiLo9ECfzjuwYJG7FjEaeWrW +nPEcp4VfMNocrm3T7Hw/ikpE5/+FsfTzD4MpIwwUPd/CUfA5vDNXK5CiP7qKKR1e +vATO2s6lfDul+CS/eEbwzKmUQvZGrJggxg2m5wIDAQABo4HYMIHVMAwGA1UdEwEB +/wQCMAAwDgYDVR0PAQH/BAQDAgbAMF0GA1UdIARWMFQwUgYMKwYBBAGVEgECAwEB +MEIwQAYIKwYBBQUHAgIwNBoyRGllc2VzIFplcnRpZmlrYXQgaXN0IG51ciBm/HIg +VGVzdHp3ZWNrZSBnZWVpZ25ldC4wHQYDVR0OBBYEFIpEyv43H3EtiGr4I7Z34bWj +v2z6MBYGByooAAoBAQEECwwJQk1PTFMtSUtUMB8GA1UdIwQYMBaAFJ5Fa9R/ESMp +lJ/EiYmv9+kEO0yZMAkGBSsOAwIdBQADgYEAfMBJRy/kp8HQa0lGIBfFrWNpxVPv +RsIu+N4IiFrswrsoQoMAh6IqNyzSdq7rJC08xsDkXe5HOwkb+2zGKYoC3aQ/J/zr +BGkg6ec4tOaS/VSdEQeTL1L30r2faTffWLUV3GrzL7pM7jN470hB1w8F6Hc3LCI7 +kFfp23o/juVtJNw=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object><dsig:Manifest><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>BqzfCB7dNg4G3u4YaxpD1tALdKI=</dsig:DigestValue></dsig:Reference></dsig:Manifest></dsig:Object></dsig:Signature></saml:Assertion></saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'> + <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType"> + <pr:Identification> + <pr:Value>123456789012</pr:Value> + <pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type> + </pr:Identification> + <pr:Name> + <pr:GivenName>Hermann</pr:GivenName> + <pr:FamilyName primary="undefined">Muster</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1968-10-22</pr:DateOfBirth> + </pr:Person></saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>true</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> +</saml:Assertion>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A308/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A308/Configuration.xml new file mode 100644 index 000000000..b6b42f267 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A308/Configuration.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) --> +<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"> + <AuthComponent> + <BKUSelection BKUSelectionAlternative="HTMLSelect"> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + </ConnectionParameter> + </BKUSelection> + <SecurityLayer> + <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/> + </SecurityLayer> + <MOA-SP> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore> + </ConnectionParameter> + <VerifyIdentityLink> + <TrustProfileID>TrustProfile1</TrustProfileID> + </VerifyIdentityLink> + <VerifyAuthBlock> + <TrustProfileID>TrustProfile1</TrustProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID> + </VerifyAuthBlock> + </MOA-SP> + <IdentityLinkSigners> + <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName> + <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName> + <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName> + <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName> + </IdentityLinkSigners> + </AuthComponent> + <ProxyComponent> + <AuthComponent> + <ConnectionParameter URL="AuthComponentURL"> + <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates> + <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore> + </ConnectionParameter> + </AuthComponent> + </ProxyComponent> + <OnlineApplication publicURLPrefix="https://localhost:9443/"> + <AuthComponent provideZMRZahl="true" provideAUTHBlock="true" provideIdentityLink="true"/> + <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2"> + <ConnectionParameter URL="ProxyComponentURL2"> + <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates> + <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore> + </ConnectionParameter> + </ProxyComponent> + </OnlineApplication> + <ChainingModes systemDefaultMode="pkix"> + <TrustAnchor mode="chaining"> + <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>536</dsig:X509SerialNumber> + </TrustAnchor> + </ChainingModes> + <GenericConfiguration name="authenticationSessionTimeOut" value="600"/> + <GenericConfiguration name="authenticationDataTimeOut" value="120"/> +</MOA-IDConfiguration> diff --git a/id.server/data/abnahme-test/xmldata/A300/A309/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A309/AuthenticationData.xml new file mode 100644 index 000000000..b3e27002e --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A309/AuthenticationData.xml @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' > + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod> + <saml:SubjectConfirmationData></saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'> + <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType"> + + <pr:Name> + <pr:GivenName>Hermann</pr:GivenName> + <pr:FamilyName primary="undefined">Muster</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1968-10-22</pr:DateOfBirth> + </pr:Person></saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>false</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> +</saml:Assertion>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A309/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A309/Configuration.xml new file mode 100644 index 000000000..9e523773a --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A309/Configuration.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) --> +<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"> + <AuthComponent> + <BKUSelection BKUSelectionAlternative="HTMLSelect"> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + </ConnectionParameter> + </BKUSelection> + <SecurityLayer> + <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/> + </SecurityLayer> + <MOA-SP> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore> + </ConnectionParameter> + <VerifyIdentityLink> + <TrustProfileID>TrustProfile1</TrustProfileID> + </VerifyIdentityLink> + <VerifyAuthBlock> + <TrustProfileID>TrustProfile1</TrustProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID> + </VerifyAuthBlock> + </MOA-SP> + <IdentityLinkSigners> + <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName> + <X509SubjectName>CN=Isolde B\C3\BCrgerin,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</X509SubjectName> + <X509SubjectName>CN=Max Mustermann,O=Musterorganisation,STREET=Mustergasse 1,L=Wien,ST=Wien,C=AT</X509SubjectName> + </IdentityLinkSigners> + </AuthComponent> + <ProxyComponent> + <AuthComponent> + <ConnectionParameter URL="AuthComponentURL"> + <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates> + <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore> + </ConnectionParameter> + </AuthComponent> + </ProxyComponent> + + <OnlineApplication publicURLPrefix="https://localhost:9443/"> + <AuthComponent provideZMRZahl="false" provideAUTHBlock="false" provideIdentityLink="false"/> + <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2"> + <ConnectionParameter URL="ProxyComponentURL2"> + <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates> + <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore> + </ConnectionParameter> + </ProxyComponent> + </OnlineApplication> + <ChainingModes systemDefaultMode="pkix"> + <TrustAnchor mode="chaining"> + <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>536</dsig:X509SerialNumber> + </TrustAnchor> + </ChainingModes> + <GenericConfiguration name="authenticationSessionTimeOut" value="600"/> + <GenericConfiguration name="authenticationDataTimeOut" value="120"/> +</MOA-IDConfiguration> diff --git a/id.server/data/abnahme-test/xmldata/A300/A309/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A309/CreateXMLSignatureResponse.xml new file mode 100644 index 000000000..184615e91 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A309/CreateXMLSignatureResponse.xml @@ -0,0 +1,52 @@ +<?xml version="1.0" encoding="UTF-8"?> +<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-23T09:52:28+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>https://moatestlinux:18443/moa-id-auth/</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement><dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-1-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> +<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> +<html> +<body> +Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben: +<br/> +<table border="1"> +<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr> +<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr> +<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr> +<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/></td></tr> +<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr> +</table> +</body> +</html> +</xsl:template> +</xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>ue7o7gdb1tN1eNQ/PTK2zBa4tzc=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('etsi-signed-1-1')/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>DlzOL10xqFzEPMGWmenuvyqB3+c=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>Mx68y1JK5jtEyp10w/9p5FYq0Ro5JsjOHQREag5DAfMW5Mf+6qapTjvO+eDZXYub +Vjzph+QgxIhwfFQtrrM9M9ftuHWtD+HeVaexWNkApOBzijdTjZAS4lph4WM5wJ3M +/vUhCJzQzC1scg7xRdNGd+aszMtksWKJpPw4oI0PayE=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIID1zCCA0SgAwIBAgIGAPMkfTU7MAkGBSsOAwIdBQAwgawxCzAJBgNVBAYTAkFU +MSYwJAYDVQQKEx1HUkFaIFVOSVZFUlNJVFkgT0YgVEVDSE5PTE9HWTFHMEUGA1UE +CxM+SW5zaXR1dGUgZm9yIEFwcGxpZWQgSW5mb3JtYXRpb24gUHJvY2Vzc2luZyBh +bmQgQ29tbXVuaWNhdGlvbnMxFTATBgNVBAsTDElBSUsgVGVzdCBDQTEVMBMGA1UE +AxMMSUFJSyBUZXN0IENBMB4XDTAzMDIwMzE2MjA1NVoXDTAzMTIzMDIyNTkzMFow +gZgxCzAJBgNVBAYTAkFUMSYwJAYDVQQKEx1HUkFaIFVOSVZFUlNJVFkgT0YgVEVD +SE5PTE9HWTFHMEUGA1UECxM+SW5zaXR1dGUgZm9yIEFwcGxpZWQgSW5mb3JtYXRp +b24gUHJvY2Vzc2luZyBhbmQgQ29tbXVuaWNhdGlvbnMxGDAWBgNVBAMUD0lzb2xk +ZSBC/HJnZXJpbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA53m0qng6O9zV +IAuJ22Ps91X+pddhMiA9P0QusMexQ+QEkfe43nEFIToUZ3uuoAQFd+n4MXM6D68t +ZctGU5O4W5Aq/bEjI4efIHS0EThzgNAymqmT9Z9IIEhqm/1jhQ4SXTW33y3Xn3lx +26DiTeApftuQB388YlV+Rs+rTyF9iRUCAwEAAaOCARwwggEYMAwGA1UdEwEB/wQC +MAAwDgYDVR0PAQH/BAQDAgbAMBEGCWCGSAGG+EIBAQQEAwIFIDBnBgNVHSAEYDBe +MFwGDCsGAQQBlRIBAnsBATBMMEoGCCsGAQUFBwICMD4aPFRoaXMgY2VydGlmaWNh +dGUgb25seSBtYXkgYmUgdXNlZCBmb3IgZGVtb25zdHJhdGlvbiBwdXJwb3NlczA8 +BgNVHR8ENTAzMDGgL6AthitodHRwOi8vd3d3LmlhaWsuYXQvdGVzdENBL2lhaWtf +dGVzdF9zaWcuY3JsMB0GA1UdDgQWBBQoOuoIxS8M1o/DTZkJUs0lnN5A7TAfBgNV +HSMEGDAWgBRMILBWAgz3iAqWiKUUtFHMOrXyvzAJBgUrDgMCHQUAA4GBACY81o8m +zb8YCuTMgeplySm5nAkxjsv1T5n/Hzz1cLfSDJZ0HyNTVx/GDszY+Dx28MdW+6DL +o9nWPSE/4P+k9HXJe/wEyAv44OrjvpzGGKjqoc3X8v4rzMo6MBRNluu0m3y1pktT +V/q4aiWD/nbGXdrn/AoKAvOSAQ3Qe6X+dT/1</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="etsi-signed-1-1"><etsi:QualifyingProperties Target="#signature-1-1" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-25T10:36:37</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>dL59VDpBsujcngd207z0ohPl1/U=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=IAIK Test CA,OU=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>1044289238331</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-1-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature> + </saml:Assertion></sl11:CreateXMLSignatureResponse>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A310/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A310/AuthenticationData.xml new file mode 100644 index 000000000..b3e27002e --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A310/AuthenticationData.xml @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' > + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod> + <saml:SubjectConfirmationData></saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'> + <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType"> + + <pr:Name> + <pr:GivenName>Hermann</pr:GivenName> + <pr:FamilyName primary="undefined">Muster</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1968-10-22</pr:DateOfBirth> + </pr:Person></saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>false</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> +</saml:Assertion>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A310/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A310/Configuration.xml new file mode 100644 index 000000000..9e523773a --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A310/Configuration.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) --> +<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"> + <AuthComponent> + <BKUSelection BKUSelectionAlternative="HTMLSelect"> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + </ConnectionParameter> + </BKUSelection> + <SecurityLayer> + <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/> + </SecurityLayer> + <MOA-SP> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore> + </ConnectionParameter> + <VerifyIdentityLink> + <TrustProfileID>TrustProfile1</TrustProfileID> + </VerifyIdentityLink> + <VerifyAuthBlock> + <TrustProfileID>TrustProfile1</TrustProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID> + </VerifyAuthBlock> + </MOA-SP> + <IdentityLinkSigners> + <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName> + <X509SubjectName>CN=Isolde B\C3\BCrgerin,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</X509SubjectName> + <X509SubjectName>CN=Max Mustermann,O=Musterorganisation,STREET=Mustergasse 1,L=Wien,ST=Wien,C=AT</X509SubjectName> + </IdentityLinkSigners> + </AuthComponent> + <ProxyComponent> + <AuthComponent> + <ConnectionParameter URL="AuthComponentURL"> + <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates> + <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore> + </ConnectionParameter> + </AuthComponent> + </ProxyComponent> + + <OnlineApplication publicURLPrefix="https://localhost:9443/"> + <AuthComponent provideZMRZahl="false" provideAUTHBlock="false" provideIdentityLink="false"/> + <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2"> + <ConnectionParameter URL="ProxyComponentURL2"> + <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates> + <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore> + </ConnectionParameter> + </ProxyComponent> + </OnlineApplication> + <ChainingModes systemDefaultMode="pkix"> + <TrustAnchor mode="chaining"> + <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>536</dsig:X509SerialNumber> + </TrustAnchor> + </ChainingModes> + <GenericConfiguration name="authenticationSessionTimeOut" value="600"/> + <GenericConfiguration name="authenticationDataTimeOut" value="120"/> +</MOA-IDConfiguration> diff --git a/id.server/data/abnahme-test/xmldata/A300/A310/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A310/CreateXMLSignatureResponse.xml new file mode 100644 index 000000000..e004eb74c --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A310/CreateXMLSignatureResponse.xml @@ -0,0 +1,52 @@ +<?xml version="1.0" encoding="UTF-8"?> +<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-23T09:52:28+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>https://moatestlinux:18443/moa-id-auth/</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement><dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-1-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> +<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> +<html> +<body> +Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben: +<br/> +<table border="1"> +<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr> +<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr> +<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr> +<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/></td></tr> +<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr> +</table> +</body> +</html> +</xsl:template> +</xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>ue7o7gdb1tN1eNQ/PTK2zBa4tzc=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('etsi-signed-1-1')/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>Q2VhPYhMbwz4beILYjMDmBsurLQ=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>lr5L9hxi1rvdm5vT9WpG8yYKv1TIjPrONJUv6O4lTUyC4E8L4nwx8mMFPd8Q7jNb +WmMmaDCl0uZYOATdu/x2t5wYOYreBUpka3J3wPTIJhMJQwaMMu3rHM3Ewn+1Wlsw +6VED3ZWKAmI+12Mto5RLbD5BU6757Tx42YuCkw9glZM=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIID5zCCA1SgAwIBAgIGAPR8iAdPMAkGBSsOAwIdBQAwgawxCzAJBgNVBAYTAkFU +MSYwJAYDVQQKEx1HUkFaIFVOSVZFUlNJVFkgT0YgVEVDSE5PTE9HWTFHMEUGA1UE +CxM+SW5zaXR1dGUgZm9yIEFwcGxpZWQgSW5mb3JtYXRpb24gUHJvY2Vzc2luZyBh +bmQgQ29tbXVuaWNhdGlvbnMxFTATBgNVBAsTDElBSUsgVGVzdCBDQTEVMBMGA1UE +AxMMSUFJSyBUZXN0IENBMB4XDTAzMDQxMTExNDIwNVoXDTAzMTIzMDIyNTkzMFow +gZgxCzAJBgNVBAYTAkFUMSYwJAYDVQQKEx1HUkFaIFVOSVZFUlNJVFkgT0YgVEVD +SE5PTE9HWTFHMEUGA1UECxM+SW5zaXR1dGUgZm9yIEFwcGxpZWQgSW5mb3JtYXRp +b24gUHJvY2Vzc2luZyBhbmQgQ29tbXVuaWNhdGlvbnMxGDAWBgNVBAMUD0lzb2xk +ZSBC/HJnZXJpbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0bdQqA5YFf32 +OjaZo01tpAsP/Kgor6sWGLQj2uBrQDOAOymVkIPtv4C9XQ1tH8EUexgbYI1QpE9V +ODvoo49Bi6u9hYnlDFj+8EgQoDCmqFSy/jzwLVnRL7jwN96uAyU5WymEdPWgHRpT +6oDxYs36MJ7+iWQISA6nl3/QTI4wnJcCAwEAAaOCASwwggEoMAwGA1UdEwEB/wQC +MAAwDgYDVR0PAQH/BAQDAgbAMBEGCWCGSAGG+EIBAQQEAwIFIDBnBgNVHSAEYDBe +MFwGDCsGAQQBlRIBAnsBATBMMEoGCCsGAQUFBwICMD4aPFRoaXMgY2VydGlmaWNh +dGUgb25seSBtYXkgYmUgdXNlZCBmb3IgZGVtb25zdHJhdGlvbiBwdXJwb3NlczA8 +BgNVHR8ENTAzMDGgL6AthitodHRwOi8vd3d3LmlhaWsuYXQvdGVzdENBL2lhaWtf +dGVzdF9zaWcuY3JsMB0GA1UdDgQWBBTehKfLADylQ4B6DyYKvUG1+pHZzzAOBgcq +KAAKAQEBBAMBAf8wHwYDVR0jBBgwFoAUTCCwVgIM94gKloilFLRRzDq18r8wCQYF +Kw4DAh0FAAOBgQBw2mE3PxdtcSDwCTglkNt7ww4IGmWnUCYUiV8x/lcwWdXhcnRM +lsjmOYi0vFiV8ne6x8fI6WMQLmHQMTfra+tEBrsHOlhISz5F5VGVfj/w6DcTC2HH +wGaIkTqAu6GZ+bu8OpXYSIZEy4ZSMTWWnomses0LyrXqmWNWh1InVjAPiw==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="etsi-signed-1-1"><etsi:QualifyingProperties Target="#signature-1-1" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-25T10:36:39</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>YrSnK0/o4nCtqxK1IpJF2Qy4ZQc=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=IAIK Test CA,OU=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>1050061309775</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-1-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature> + </saml:Assertion></sl11:CreateXMLSignatureResponse>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A311/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A311/AuthenticationData.xml new file mode 100644 index 000000000..8a66f40cf --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A311/AuthenticationData.xml @@ -0,0 +1,28 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' > + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod> + <saml:SubjectConfirmationData></saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'> + <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType"> + + <pr:Name> + <pr:GivenName>Hermann</pr:GivenName> + <pr:FamilyName primary="undefined">Muster</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1968-10-22</pr:DateOfBirth> + </pr:Person></saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'> + <saml:AttributeValue>false</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName='isPublicAuthority' AttributeNamespace='urn:oid:1.2.40.0.10.1.1.1'> + <saml:AttributeValue>Musterbehörde</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> +</saml:Assertion>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A311/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A311/Configuration.xml new file mode 100644 index 000000000..9e523773a --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A311/Configuration.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) --> +<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"> + <AuthComponent> + <BKUSelection BKUSelectionAlternative="HTMLSelect"> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + </ConnectionParameter> + </BKUSelection> + <SecurityLayer> + <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/> + </SecurityLayer> + <MOA-SP> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore> + </ConnectionParameter> + <VerifyIdentityLink> + <TrustProfileID>TrustProfile1</TrustProfileID> + </VerifyIdentityLink> + <VerifyAuthBlock> + <TrustProfileID>TrustProfile1</TrustProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID> + </VerifyAuthBlock> + </MOA-SP> + <IdentityLinkSigners> + <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName> + <X509SubjectName>CN=Isolde B\C3\BCrgerin,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</X509SubjectName> + <X509SubjectName>CN=Max Mustermann,O=Musterorganisation,STREET=Mustergasse 1,L=Wien,ST=Wien,C=AT</X509SubjectName> + </IdentityLinkSigners> + </AuthComponent> + <ProxyComponent> + <AuthComponent> + <ConnectionParameter URL="AuthComponentURL"> + <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates> + <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore> + </ConnectionParameter> + </AuthComponent> + </ProxyComponent> + + <OnlineApplication publicURLPrefix="https://localhost:9443/"> + <AuthComponent provideZMRZahl="false" provideAUTHBlock="false" provideIdentityLink="false"/> + <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2"> + <ConnectionParameter URL="ProxyComponentURL2"> + <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates> + <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore> + </ConnectionParameter> + </ProxyComponent> + </OnlineApplication> + <ChainingModes systemDefaultMode="pkix"> + <TrustAnchor mode="chaining"> + <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>536</dsig:X509SerialNumber> + </TrustAnchor> + </ChainingModes> + <GenericConfiguration name="authenticationSessionTimeOut" value="600"/> + <GenericConfiguration name="authenticationDataTimeOut" value="120"/> +</MOA-IDConfiguration> diff --git a/id.server/data/abnahme-test/xmldata/A300/A311/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A311/CreateXMLSignatureResponse.xml new file mode 100644 index 000000000..f7346ad2b --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A311/CreateXMLSignatureResponse.xml @@ -0,0 +1,52 @@ +<?xml version="1.0" encoding="UTF-8"?> +<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-23T09:52:28+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>https://moatestlinux:18443/moa-id-auth/</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement><dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-1-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> +<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> +<html> +<body> +Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben: +<br/> +<table border="1"> +<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr> +<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr> +<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr> +<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/></td></tr> +<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr> +</table> +</body> +</html> +</xsl:template> +</xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>ue7o7gdb1tN1eNQ/PTK2zBa4tzc=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('etsi-signed-1-1')/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>nSqJkplafvE6SpfL0JP5Tbanh3Y=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>V5m5I1QA+NXzhU64G/I1vT8LAoWqaoHm2Ck807U8SVG668NmjH4wrfTln+Shx0HD ++q4c2NAb6ZFzTUQ190RlRgvEM0cvtCSpn7/AcJaBd5WuUYPRLPEmP8ca4xhLGi1t +XZQCTpTLLnRI+5Yf5HJqc1lfs5Pkv9hQZ9W55eJgmiA=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIDwTCCAy6gAwIBAgIVAOn21xTCfievvs3qbq8HRBHjXjNPMAkGBSsOAwIdBQAw +gZUxCzAJBgNVBAYTAkFUMSYwJAYDVQQKEx1HUkFaIFVOSVZFUlNJVFkgT0YgVEVD +SE5PTE9HWTFHMEUGA1UECxM+SW5zaXR1dGUgZm9yIEFwcGxpZWQgSW5mb3JtYXRp +b24gUHJvY2Vzc2luZyBhbmQgQ29tbXVuaWNhdGlvbnMxFTATBgNVBAMTDElBSUsg +VGVzdCBDQTAeFw0wMjExMTUwOTQwNTBaFw0wMzEyMzEyMjU5MzBaMHkxCzAJBgNV +BAYTAkFUMQ0wCwYDVQQIEwRXaWVuMQ0wCwYDVQQHEwRXaWVuMRYwFAYDVQQJEw1N +dXN0ZXJnYXNzZSAxMRswGQYDVQQKExJNdXN0ZXJvcmdhbmlzYXRpb24xFzAVBgNV +BAMTDk1heCBNdXN0ZXJtYW5uMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDw +Dxgoc53OFRWuZcGRkuZYYHxTeM7tLoH+9eFpqtokWHruFNn49JNWNdU2PMPeXezO +6eYwz/214/EB/SvCx5ZRlLC7GikqUX0UyK/r36zq9Q5nOMFfSoG48hEIjzAUWnc4 +FIePYW7hdb0/nW+1CKVdpmsGHChJoN7SCiVvY0eyAQIDAQABo4IBLjCCASowDAYD +VR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0gBGAwXjBcBgwrBgEEAZUS +AQIDAQEwTDBKBggrBgEFBQcCAjA+GjxUaGlzIGNlcnRpZmljYXRlIG1heSBiZSB1 +c2VkIGZvciBkZW1vbnN0cmF0aW9uIHB1cnBvc2VzIG9ubHkwLwYDVR0RBCgwJoEk +bWF4Lm11c3Rlcm1hbm5AbXVzdGVyb3JnYW5pc2F0aW9uLmF0MB0GA1UdDgQWBBTp +9tcUwn4nr77N6m6vB0MgXEvH5TAbBgcqKAAKAQEBBBAMDk11c3RlcmJlaMO2cmRl +MBMGA1UdJQQMMAoGCCsGAQUFBwMEMB8GA1UdIwQYMBaAFOtWHOnph3q+vzHzdX8q +/qzlQNOOMAkGBSsOAwIdBQADgYEALbC1Ibymb3DWwB+pEezrt87+r3xi+JGFxkt0 +tw0tOoe+ejSY8AhSuY3LseLdPNDnTtlg/GlkzijCFxBHPgUKhGokA91qIoV++fZt +3/pxjSVxl+elGDCx9WcrXB5L7m5mxSMgYGOZH2UUlFZQvtKXxU4KrXCXkQVTsg9g +RWizwj4=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="etsi-signed-1-1"><etsi:QualifyingProperties Target="#signature-1-1" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-25T10:36:40</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>pMBCPXFi69dO65GgzApHN4TxtvM=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>1335699569126441074835341742398412708010421793615</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-1-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature> + </saml:Assertion></sl11:CreateXMLSignatureResponse>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A355/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A355/CreateXMLSignatureResponse.xml new file mode 100644 index 000000000..b9e0e0f9c --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A355/CreateXMLSignatureResponse.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="A" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> +<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> +<html> +<body> +Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben: +<br/> +<table border="1"> +<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr> +<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr> +<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr> +<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/></td></tr> +<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr> +</table> +</body> +</html> +</xsl:template> +</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id('refetsi')/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n +FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0 +YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU +MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt +IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU +LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu +Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT +AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox +GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4 +edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/ +t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/ +Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw +JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB +BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv +b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et +c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq +KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv +Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg +ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw +ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl +bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u +bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE +GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B +AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2 +Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL +PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf ++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW +KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1 +Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature> +</saml:Assertion></sl11:CreateXMLSignatureResponse>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A356/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A356/CreateXMLSignatureResponse.xml new file mode 100644 index 000000000..4ef49034c --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A356/CreateXMLSignatureResponse.xml @@ -0,0 +1,62 @@ +<?xml version="1.0" encoding="UTF-8"?> +<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier> + </saml:Subject> + <saml:Subject> + <saml:NameIdentifier>http://localhost2:8080/moa-id-auth/</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> +<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> +<html> +<body> +Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben: +<br/> +<table border="1"> +<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr> +<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr> +<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr> +<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/></td></tr> +<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr> +</table> +</body> +</html> +</xsl:template> +</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id('refetsi')/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n +FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0 +YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU +MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt +IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU +LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu +Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT +AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox +GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4 +edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/ +t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/ +Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw +JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB +BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv +b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et +c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq +KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv +Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg +ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw +ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl +bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u +bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE +GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B +AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2 +Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL +PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf ++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW +KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1 +Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature> +</saml:Assertion></sl11:CreateXMLSignatureResponse>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A357/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A357/CreateXMLSignatureResponse.xml new file mode 100644 index 000000000..4fe3c4b2b --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A357/CreateXMLSignatureResponse.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName="gb" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> +<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> +<html> +<body> +Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben: +<br/> +<table border="1"> +<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr> +<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr> +<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr> +<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/></td></tr> +<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr> +</table> +</body> +</html> +</xsl:template> +</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id('refetsi')/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n +FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0 +YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU +MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt +IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU +LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu +Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT +AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox +GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4 +edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/ +t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/ +Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw +JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB +BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv +b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et +c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq +KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv +Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg +ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw +ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl +bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u +bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE +GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B +AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2 +Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL +PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf ++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW +KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1 +Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature> +</saml:Assertion></sl11:CreateXMLSignatureResponse>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A358/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A358/CreateXMLSignatureResponse.xml new file mode 100644 index 000000000..4736c5dc3 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A358/CreateXMLSignatureResponse.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://wrong.namespace.com"> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="OA" AttributeNamespace="http://wrong.namespace.com"> + <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> +<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> +<html> +<body> +Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben: +<br/> +<table border="1"> +<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr> +<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr> +<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr> +<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/></td></tr> +<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr> +</table> +</body> +</html> +</xsl:template> +</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id('refetsi')/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n +FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0 +YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU +MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt +IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU +LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu +Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT +AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox +GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4 +edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/ +t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/ +Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw +JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB +BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv +b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et +c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq +KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv +Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg +ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw +ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl +bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u +bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE +GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B +AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2 +Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL +PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf ++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW +KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1 +Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature> +</saml:Assertion></sl11:CreateXMLSignatureResponse>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A359/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A359/CreateXMLSignatureResponse.xml new file mode 100644 index 000000000..7664fbe33 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A359/CreateXMLSignatureResponse.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>noTarget</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> +<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> +<html> +<body> +Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben: +<br/> +<table border="1"> +<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr> +<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr> +<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr> +<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/></td></tr> +<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr> +</table> +</body> +</html> +</xsl:template> +</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id('refetsi')/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n +FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0 +YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU +MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt +IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU +LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu +Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT +AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox +GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4 +edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/ +t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/ +Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw +JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB +BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv +b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et +c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq +KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv +Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg +ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw +ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl +bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u +bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE +GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B +AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2 +Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL +PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf ++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW +KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1 +Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature> +</saml:Assertion></sl11:CreateXMLSignatureResponse>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A360/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A360/CreateXMLSignatureResponse.xml new file mode 100644 index 000000000..a7ef7a637 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A360/CreateXMLSignatureResponse.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="noOA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> +<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> +<html> +<body> +Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben: +<br/> +<table border="1"> +<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr> +<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr> +<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr> +<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/></td></tr> +<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr> +</table> +</body> +</html> +</xsl:template> +</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id('refetsi')/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n +FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0 +YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU +MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt +IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU +LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu +Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT +AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox +GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4 +edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/ +t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/ +Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw +JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB +BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv +b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et +c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq +KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv +Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg +ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw +ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl +bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u +bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE +GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B +AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2 +Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL +PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf ++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW +KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1 +Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature> +</saml:Assertion></sl11:CreateXMLSignatureResponse>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A361/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A361/CreateXMLSignatureResponse.xml new file mode 100644 index 000000000..4736c5dc3 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A361/CreateXMLSignatureResponse.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://wrong.namespace.com"> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="OA" AttributeNamespace="http://wrong.namespace.com"> + <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> +<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> +<html> +<body> +Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben: +<br/> +<table border="1"> +<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr> +<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr> +<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr> +<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/></td></tr> +<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr> +</table> +</body> +</html> +</xsl:template> +</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id('refetsi')/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n +FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0 +YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU +MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt +IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU +LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu +Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT +AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox +GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4 +edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/ +t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/ +Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw +JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB +BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv +b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et +c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq +KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv +Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg +ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw +ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl +bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u +bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE +GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B +AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2 +Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL +PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf ++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW +KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1 +Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature> +</saml:Assertion></sl11:CreateXMLSignatureResponse>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A362/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A362/CreateXMLSignatureResponse.xml new file mode 100644 index 000000000..6e8393033 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A362/CreateXMLSignatureResponse.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>WRONG</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> +<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> +<html> +<body> +Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben: +<br/> +<table border="1"> +<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr> +<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr> +<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr> +<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/></td></tr> +<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr> +</table> +</body> +</html> +</xsl:template> +</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id('refetsi')/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n +FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0 +YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU +MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt +IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU +LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu +Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT +AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox +GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4 +edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/ +t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/ +Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw +JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB +BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv +b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et +c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq +KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv +Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg +ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw +ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl +bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u +bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE +GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B +AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2 +Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL +PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf ++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW +KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1 +Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature> +</saml:Assertion></sl11:CreateXMLSignatureResponse>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A363/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A363/CreateXMLSignatureResponse.xml new file mode 100644 index 000000000..96032998a --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A363/CreateXMLSignatureResponse.xml @@ -0,0 +1,13 @@ +<?xml version="1.0" encoding="UTF-8"?> +<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement></saml:Assertion></sl11:CreateXMLSignatureResponse>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A364/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A364/CreateXMLSignatureResponse.xml new file mode 100644 index 000000000..ba2749cda --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A364/CreateXMLSignatureResponse.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>http://localhost:8081/moa-id-auth/</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> +<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> +<html> +<body> +Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben: +<br/> +<table border="1"> +<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr> +<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr> +<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr> +<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/></td></tr> +<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr> +</table> +</body> +</html> +</xsl:template> +</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id('refetsi')/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n +FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0 +YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU +MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt +IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU +LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu +Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT +AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox +GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4 +edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/ +t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/ +Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw +JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB +BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv +b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et +c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq +KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv +Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg +ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw +ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl +bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u +bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE +GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B +AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2 +Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL +PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf ++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW +KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1 +Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature> +</saml:Assertion></sl11:CreateXMLSignatureResponse>
\ No newline at end of file diff --git a/id.server/data/abnahme-test/xmldata/A300/A366/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A366/Configuration.xml new file mode 100644 index 000000000..9a358e434 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A366/Configuration.xml @@ -0,0 +1,65 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) --> +<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"> + <AuthComponent> + <SecurityLayer> + <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/> + </SecurityLayer> + <MOA-SP> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore> + </ConnectionParameter> + <VerifyIdentityLink> + <TrustProfileID>TrustProfile1</TrustProfileID> + </VerifyIdentityLink> + <VerifyAuthBlock> + <TrustProfileID>TrustProfile2</TrustProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID> + </VerifyAuthBlock> + </MOA-SP> + <IdentityLinkSigners> + <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName> + <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName> + <!--<X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName>--> + <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName> + </IdentityLinkSigners> + </AuthComponent> + <ProxyComponent> + <AuthComponent> + <ConnectionParameter URL="http://localhost:9080/moa-id-auth/services/GetAuthenticationData"> + <!-- <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates> + <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore> --> + </ConnectionParameter> + </AuthComponent> + </ProxyComponent> + <OnlineApplication publicURLPrefix="http://localhost:9080/"> + <AuthComponent provideZMRZahl="false" provideAUTHBlock="false" provideIdentityLink="false"/> + <ProxyComponent configFileURL="file:data/abnahme-test/conf/OAConfBasicAuth.xml" sessionTimeOut="10"> + <ConnectionParameter URL="ProxyComponentURL"> + <AcceptedServerCertificates>url:AcceptedServerCertificates</AcceptedServerCertificates> + <ClientKeyStore password="ClientKeystoreOAPAss">URL:toClientKeystoreOA</ClientKeyStore> + </ConnectionParameter> + </ProxyComponent> + </OnlineApplication> + <OnlineApplication publicURLPrefix="https://localhost:9443/"> + <AuthComponent provideZMRZahl="true" provideAUTHBlock="true" provideIdentityLink="true"/> + <ProxyComponent configFileURL="file:data/abnahme-test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20"> + <ConnectionParameter URL="ProxyComponentURL2"> + <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates> + <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore> + </ConnectionParameter> + </ProxyComponent> + </OnlineApplication> + <ChainingModes systemDefaultMode="pkix"> + <TrustAnchor mode="chaining"> + <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>536</dsig:X509SerialNumber> + </TrustAnchor> + </ChainingModes> + <GenericConfiguration name="DirectoryCertStoreParameters.RootDir" value="data/test/certs/cert-store-root"/> + <GenericConfiguration name="TLSTrustedCACertificates" value="file:c:/java/id.server/data/test/certs/ca-certs"/> + <GenericConfiguration name="AuthenticationSession.TimeOut" value="600"/> + <GenericConfiguration name="AuthenticationData.TimeOut" value="120"/> +</MOA-IDConfiguration> diff --git a/id.server/data/abnahme-test/xmldata/A300/A367/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A367/Configuration.xml new file mode 100644 index 000000000..5aade8185 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A367/Configuration.xml @@ -0,0 +1,65 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) --> +<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"> + <AuthComponent> + <SecurityLayer> + <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/> + </SecurityLayer> + <MOA-SP> + <ConnectionParameter URL="http://localhost:8080/moa-spss/services/"> + <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates> + <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore> + </ConnectionParameter> + <VerifyIdentityLink> + <TrustProfileID>TrustProfile1</TrustProfileID> + </VerifyIdentityLink> + <VerifyAuthBlock> + <TrustProfileID>TrustProfile1</TrustProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID> + <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID> + </VerifyAuthBlock> + </MOA-SP> + <IdentityLinkSigners> + <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName> + <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName> + <!--<X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName>--> + <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName> + </IdentityLinkSigners> + </AuthComponent> + <ProxyComponent> + <AuthComponent> + <ConnectionParameter URL="http://localhost:9080/moa-id-auth/services/GetAuthenticationData"> + <!-- <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates> + <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore> --> + </ConnectionParameter> + </AuthComponent> + </ProxyComponent> + <OnlineApplication publicURLPrefix="http://localhost:8080/moa-id-proxy/"> + <AuthComponent provideZMRZahl="false" provideAUTHBlock="false" provideIdentityLink="false"/> + <ProxyComponent configFileURL="file:data/abnahme-test/conf/OAConfBasicAuth.xml" sessionTimeOut="10"> + <ConnectionParameter URL="ProxyComponentURL"> + <AcceptedServerCertificates>url:AcceptedServerCertificates</AcceptedServerCertificates> + <ClientKeyStore password="ClientKeystoreOAPAss">URL:toClientKeystoreOA</ClientKeyStore> + </ConnectionParameter> + </ProxyComponent> + </OnlineApplication> + <OnlineApplication publicURLPrefix="https://localhost:9443/"> + <AuthComponent provideZMRZahl="true" provideAUTHBlock="true" provideIdentityLink="true"/> + <ProxyComponent configFileURL="file:data/abnahme-test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20"> + <ConnectionParameter URL="ProxyComponentURL2"> + <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates> + <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore> + </ConnectionParameter> + </ProxyComponent> + </OnlineApplication> + <ChainingModes systemDefaultMode="pkix"> + <TrustAnchor mode="chaining"> + <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>536</dsig:X509SerialNumber> + </TrustAnchor> + </ChainingModes> + <GenericConfiguration name="DirectoryCertStoreParameters.RootDir" value="data/test/certs/cert-store-root"/> + <GenericConfiguration name="TLSTrustedCACertificates" value="file:c:/java/id.server/data/test/certs/ca-certs"/> + <GenericConfiguration name="AuthenticationSession.TimeOut" value="600"/> + <GenericConfiguration name="AuthenticationData.TimeOut" value="120"/> +</MOA-IDConfiguration> diff --git a/id.server/data/abnahme-test/xmldata/A300/A367/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A367/CreateXMLSignatureResponse.xml new file mode 100644 index 000000000..ec8cefe99 --- /dev/null +++ b/id.server/data/abnahme-test/xmldata/A300/A367/CreateXMLSignatureResponse.xml @@ -0,0 +1,94 @@ +<?xml version="1.0" encoding="UTF-8"?> +<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-05-20T10:30:56+02:00" Issuer="Monika Bürger" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>https://localhost:8443/moa-id-auth/</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>gb</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>http://localhost:8080/moa-id-proxy/</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> + <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> + <html> + <body> +Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben: +<br/> + <table border="1"> + <tr> + <td> + <b>Name:</b> + </td> + <td> + <xsl:value-of select="//@Issuer"/> + </td> + </tr> + <tr> + <td> + <b>Zeit:</b> + </td> + <td> + <xsl:value-of select="//@IssueInstant"/> + </td> + </tr> + <tr> + <td> + <b>Applikation:</b> + </td> + <td> + <xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/> + </td> + </tr> + <tr> + <td> + <b>Geschäftsbereich:</b> + </td> + <td> + <xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/> + </td> + </tr> + <tr> + <td> + <b>Anmeldeserver:</b> + </td> + <td> + <xsl:value-of select="//saml:NameIdentifier"/> + </td> + </tr> + </table> + </body> + </html> + </xsl:template> + </xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>Vmmkctd+R7lkSKftZO1UnenfWi0=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id('refetsi')/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>vfTksPSWSacTaSWnvybsm8iV80o=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>wIqspNC5KqReKNMNO7PIemxSKwGId1HIp5r6FFtuj099C304xR5fZoCoC2Zyk6di +bnoh+rRk9oZFeGoWvhb/JADGgtia7VUO4qc3suCNVpikRgiG5K8LXMGS3w+1wUFb +JIkDKLuDxmXApG+BEEQXmE07zfwAzRbVBmunpWnG/us=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTkwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU +MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt +IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU +LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu +Yy0wMTAeFw0wMzAyMTAxMzI0MTlaFw0wNjAyMTAxMzI0MjBaMGoxCzAJBgNVBAYT +AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTEgQlJaMQwwCgYDVQQEEwNCUlox +GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BMTEVMBMGA1UEBRMMMjI1NjUyMzkyMTA0 +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDmURpYSNb7j/plynhMIDHgoPCu +Go0KfBI6XJYGAC8dmzntKDaHeUBM/ZImO6PMyK3LEj+vlcVKM2UPsEOaXiGrLs/Z +GjTP8QMpYKj5UyNlLYMoxRagHi75A6Ci8dcxwH+Sjo3QxLBDEPG6zsusnZphPYad +pLW7r/NQuOSfeuE6MwIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw +JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB +BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv +b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et +c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq +KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv +Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg +ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw +ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl +bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u +bGlzdD8wEQYDVR0OBAoECEp3ZWggbV5MMA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE +GTAXgRV0ZXN0cGVyc29uMkBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B +AQUFAAOCAQEAIuyADBvzJmE7yCCAilQrFl4U+HjMNF5NwbbUqjtVxCj7JliOFJBd +en46ekG8w57tLHOhg/5N9xdmObX2jgzGZy7uJC7eDnszWjvvfsFev87MwZFy3Pm/ +wdu1+7/+RLDcrOViDn1x2n/JDvkqZJ5WFor2R76wnBIESNeHOqDW9nXHP5F5ERLI +Ug3tVhIHCkxkBvHJkQOwMD+BhKGh/1jSBRloyrVD/5QUcbQE5wmOjv1I6LLOZRbq +eXk8cQhwGH+K6p0BdwQc6rg3CXFqTTzP4GuUhnxfJsYtKw7qAfVSf3VRqbeVHX4M +xDtbjTi15+0lWfB15L4jukJl10D9cFMsWA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-05-20T08:31:06Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>A6PySg7S5iw8pJEX0i5lwp43lZY=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6457</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature> +</saml:Assertion></sl11:CreateXMLSignatureResponse>
\ No newline at end of file |