From 1ad814ccbbe4f65f430ac738104e3f3c8256c229 Mon Sep 17 00:00:00 2001
From: Klaus Stranacher <kstranacher@iaik.tugraz.at>
Date: Tue, 16 Apr 2013 14:44:08 +0200
Subject: Update digest algorithm, XAdES version, whitelisting

---
 common/.settings/org.eclipse.wst.common.component  |  5 +-
 .../java/at/gv/egovernment/moa/util/Constants.java | 14 +++++
 .../resources/schemas/MOA-SPSS-config-1.5.2.xsd    | 60 ++++++++++++++++------
 3 files changed, 61 insertions(+), 18 deletions(-)

(limited to 'common')

diff --git a/common/.settings/org.eclipse.wst.common.component b/common/.settings/org.eclipse.wst.common.component
index 4dd7e3409..386d0ebba 100644
--- a/common/.settings/org.eclipse.wst.common.component
+++ b/common/.settings/org.eclipse.wst.common.component
@@ -1,7 +1,6 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project-modules id="moduleCoreId" project-version="2.0">
+<?xml version="1.0" encoding="UTF-8"?><project-modules id="moduleCoreId" project-version="1.5.0">
   <wb-module deploy-name="moa-common">
     <wb-resource deploy-path="/" source-path="src/main/java"/>
     <wb-resource deploy-path="/" source-path="src/main/resources"/>
   </wb-module>
-</project-modules>
\ No newline at end of file
+</project-modules>
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/Constants.java b/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
index c4f7eb3f3..7e98f0427 100644
--- a/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
+++ b/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
@@ -397,6 +397,20 @@ public interface Constants {
   /** URI of the SHA1 digest algorithm */
   public static final String SHA1_URI =
     "http://www.w3.org/2000/09/xmldsig#sha1";
+  
+  /** URI of the SHA1 digest algorithm */
+  public static final String SHA256_URI =
+    "http://www.w3.org/2000/09/xmldsig#sha256";
+  
+  /** URI of the SHA1 digest algorithm */
+  public static final String SHA384_URI =
+    "http://www.w3.org/2000/09/xmldsig#sha384";
+  
+  /** URI of the SHA1 digest algorithm */
+  public static final String SHA512_URI =
+    "http://www.w3.org/2000/09/xmldsig#sha512";
+  
+  // TODO Supported Hash-Algorithms?
 
   /** URI of the Canonical XML algorithm */
   public static final String C14N_URI =
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.2.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.2.xsd
index 669ebe53f..63b09f45a 100644
--- a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.2.xsd
+++ b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.2.xsd
@@ -19,20 +19,36 @@
 									</xs:sequence>
 								</xs:complexType>
 							</xs:element>
-							<xs:element name="PermitExternalUris" minOccurs="0">
-								<xs:complexType>
-									<xs:sequence minOccurs="0" maxOccurs="unbounded">
-										<xs:element name="BlackListUri">
-											<xs:complexType>
-												<xs:sequence>
-													<xs:element name="IP" type="xs:string"/>
-													<xs:element name="Port" type="xs:int" minOccurs="0"/>
-												</xs:sequence>
-											</xs:complexType>
-										</xs:element>
-									</xs:sequence>
-								</xs:complexType>
-							</xs:element>
+							<xs:choice>
+								<xs:element name="PermitExternalUris" minOccurs="0">
+									<xs:complexType>
+										<xs:sequence minOccurs="0">
+											<xs:element name="BlackListUri" minOccurs="0" maxOccurs="unbounded">
+												<xs:complexType>
+													<xs:sequence>
+														<xs:element name="IP" type="xs:string"/>
+														<xs:element name="Port" type="xs:int" minOccurs="0"/>
+													</xs:sequence>
+												</xs:complexType>
+											</xs:element>
+										</xs:sequence>
+									</xs:complexType>
+								</xs:element>
+								<xs:element name="ForbidExternalUris" minOccurs="0">
+									<xs:complexType>
+										<xs:sequence>
+											<xs:element name="WhiteListUri" minOccurs="0" maxOccurs="unbounded">
+												<xs:complexType>
+													<xs:sequence>
+														<xs:element name="IP" type="xs:string"/>
+														<xs:element name="Port" type="xs:int" minOccurs="0"/>
+													</xs:sequence>
+												</xs:complexType>
+											</xs:element>
+										</xs:sequence>
+									</xs:complexType>
+								</xs:element>
+							</xs:choice>
 						</xs:sequence>
 					</xs:complexType>
 				</xs:element>
@@ -78,6 +94,7 @@
 												</xs:complexType>
 											</xs:element>
 										</xs:sequence>
+										<xs:element name="DigestMethodAlgorithm" minOccurs="0"/>
 									</xs:sequence>
 								</xs:complexType>
 							</xs:element>
@@ -99,6 +116,19 @@
 							</xs:element>
 							<xs:element name="CreateTransformsInfoProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
 							<xs:element name="CreateSignatureEnvironmentProfile" type="config:ProfileType" minOccurs="0" maxOccurs="unbounded"/>
+							<xs:element name="XAdES" minOccurs="0">
+								<xs:complexType>
+									<xs:sequence>
+										<xs:element name="Version">
+											<xs:simpleType>
+												<xs:restriction base="xs:token">
+													<xs:enumeration value="1.4.2"/>
+												</xs:restriction>
+											</xs:simpleType>
+										</xs:element>
+									</xs:sequence>
+								</xs:complexType>
+							</xs:element>
 						</xs:sequence>
 					</xs:complexType>
 				</xs:element>
@@ -147,7 +177,7 @@
 															</xs:sequence>
 														</xs:complexType>
 													</xs:element>
-													<xs:element name="TrustProfile" maxOccurs="unbounded">
+													<xs:element name="TrustProfile" minOccurs="0" maxOccurs="unbounded">
 														<xs:complexType>
 															<xs:sequence>
 																<xs:element name="Id" type="xs:token"/>
-- 
cgit v1.2.3


From a544afcf4ad581ab7b76e85dc597ccf5643cd55a Mon Sep 17 00:00:00 2001
From: Klaus Stranacher <kstranacher@iaik.tugraz.at>
Date: Mon, 6 May 2013 21:43:00 +0200
Subject: - Update MOA-SS Interface (CreateCMSignatureRequest) - Whitelisting
 in MOA-SPSS

---
 common/.settings/org.eclipse.jdt.core.prefs        |  17 +-
 .../org.eclipse.wst.common.project.facet.core.xml  |   4 +-
 .../java/at/gv/egovernment/moa/util/Constants.java |   9 +-
 .../resources/resources/schemas/MOA-SPSS-1.5.2.xsd | 541 +++++++++++++++++++++
 4 files changed, 555 insertions(+), 16 deletions(-)
 create mode 100644 common/src/main/resources/resources/schemas/MOA-SPSS-1.5.2.xsd

(limited to 'common')

diff --git a/common/.settings/org.eclipse.jdt.core.prefs b/common/.settings/org.eclipse.jdt.core.prefs
index 926e77f2f..c788ee346 100644
--- a/common/.settings/org.eclipse.jdt.core.prefs
+++ b/common/.settings/org.eclipse.jdt.core.prefs
@@ -1,13 +1,8 @@
-#Thu Dec 27 15:45:20 CET 2012
-org.eclipse.jdt.core.compiler.debug.localVariable=generate
-org.eclipse.jdt.core.compiler.compliance=1.5
-org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
-org.eclipse.jdt.core.compiler.debug.sourceFile=generate
-org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
-org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5
-org.eclipse.jdt.core.compiler.problem.enumIdentifier=warning
-org.eclipse.jdt.core.compiler.debug.lineNumber=generate
 eclipse.preferences.version=1
 org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
-org.eclipse.jdt.core.compiler.source=1.5
-org.eclipse.jdt.core.compiler.problem.assertIdentifier=warning
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.7
+org.eclipse.jdt.core.compiler.compliance=1.7
+org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
+org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
+org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
+org.eclipse.jdt.core.compiler.source=1.7
diff --git a/common/.settings/org.eclipse.wst.common.project.facet.core.xml b/common/.settings/org.eclipse.wst.common.project.facet.core.xml
index 656f15b87..6c09452f2 100644
--- a/common/.settings/org.eclipse.wst.common.project.facet.core.xml
+++ b/common/.settings/org.eclipse.wst.common.project.facet.core.xml
@@ -3,5 +3,5 @@
   <fixed facet="jst.java"/>
   <fixed facet="jst.utility"/>
   <installed facet="jst.utility" version="1.0"/>
-  <installed facet="jst.java" version="5.0"/>
-</faceted-project>
\ No newline at end of file
+  <installed facet="jst.java" version="1.7"/>
+</faceted-project>
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/Constants.java b/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
index 7e98f0427..120c222cf 100644
--- a/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
+++ b/common/src/main/java/at/gv/egovernment/moa/util/Constants.java
@@ -83,7 +83,7 @@ public interface Constants {
 
   /** Local location of the MOA XML schema definition. */
   public static final String MOA_SCHEMA_LOCATION =
-    SCHEMA_ROOT + "MOA-SPSS-1.4.7.xsd";
+    SCHEMA_ROOT + "MOA-SPSS-1.5.2.xsd";
 
   /** URI of the MOA configuration XML namespace. */
   public static final String MOA_CONFIG_NS_URI =
@@ -410,8 +410,6 @@ public interface Constants {
   public static final String SHA512_URI =
     "http://www.w3.org/2000/09/xmldsig#sha512";
   
-  // TODO Supported Hash-Algorithms?
-
   /** URI of the Canonical XML algorithm */
   public static final String C14N_URI =
     "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
@@ -437,6 +435,11 @@ public interface Constants {
    */
   public static final String MOA_SPSS_CREATE_XML_REQUEST = "CreateXMLSignatureRequest";
   
+  /** 
+   * Local name of request for creating a CMS signature.
+   */
+  public static final String MOA_SPSS_CREATE_CMS_REQUEST = "CreateCMSSignatureRequest";
+  
   /** 
    * Local name of request for verifying an XML signature.
    */
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-1.5.2.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-1.5.2.xsd
new file mode 100644
index 000000000..de49a4c75
--- /dev/null
+++ b/common/src/main/resources/resources/schemas/MOA-SPSS-1.5.2.xsd
@@ -0,0 +1,541 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  MOA SP/SS 1.5.2 Schema
+-->
+<xsd:schema xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2">
+	<xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+	<xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
+	<!--########## Create CMS Signature ###-->
+	<!--### Create CMS Signature Request ###-->
+	<xsd:element name="CreateCMSSignatureRequest">
+		<xsd:complexType>
+			<xsd:complexContent>
+				<xsd:extension base="CreateCMSSignatureRequestType"/>
+			</xsd:complexContent>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:complexType name="CreateCMSSignatureRequestType">
+		<xsd:sequence>
+			<xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+			<xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+				<xsd:annotation>
+					<xsd:documentation>Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements</xsd:documentation>
+				</xsd:annotation>
+				<xsd:complexType>
+					<xsd:sequence>
+						<xsd:element name="DataObjectInfo">
+							<xsd:complexType>
+								<xsd:complexContent>
+									<xsd:extension base="CMSDataObjectInfoType"/>
+								</xsd:complexContent>
+							</xsd:complexType>
+						</xsd:element>
+					</xsd:sequence>
+					<xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
+				</xsd:complexType>
+			</xsd:element>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--### Create CMS Signature Response ###-->
+	<xsd:element name="CreateCMSSignatureResponse" type="CreateCMSSignatureResponseType"/>
+	<xsd:complexType name="CreateCMSSignatureResponseType">
+		<xsd:choice maxOccurs="unbounded">
+			<xsd:annotation>
+				<xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage</xsd:documentation>
+			</xsd:annotation>
+			<xsd:element name="CMSSignature" type="xsd:base64Binary">
+				<xsd:annotation>
+					<xsd:documentation>Resultat, falls die Signaturerstellung erfolgreich war</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+			<xsd:element ref="ErrorResponse"/>
+		</xsd:choice>
+	</xsd:complexType>
+	<!--########## Create XML Signature ###-->
+	<!--### Create XML Signature Request ###-->
+	<xsd:element name="CreateXMLSignatureRequest">
+		<xsd:complexType>
+			<xsd:complexContent>
+				<xsd:extension base="CreateXMLSignatureRequestType"/>
+			</xsd:complexContent>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:complexType name="CreateXMLSignatureRequestType">
+		<xsd:sequence>
+			<xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+			<xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+				<xsd:annotation>
+					<xsd:documentation>Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements</xsd:documentation>
+				</xsd:annotation>
+				<xsd:complexType>
+					<xsd:sequence>
+						<xsd:element name="DataObjectInfo" maxOccurs="unbounded">
+							<xsd:complexType>
+								<xsd:complexContent>
+									<xsd:extension base="DataObjectInfoType">
+										<xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/>
+									</xsd:extension>
+								</xsd:complexContent>
+							</xsd:complexType>
+						</xsd:element>
+						<xsd:element name="CreateSignatureInfo" minOccurs="0">
+							<xsd:complexType>
+								<xsd:sequence>
+									<xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/>
+									<xsd:choice>
+										<xsd:annotation>
+											<xsd:documentation>Auswahl: Entweder explizite Angabe des Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit der Signaturumgebung, oder Verweis auf ein benanntes Profil</xsd:documentation>
+										</xsd:annotation>
+										<xsd:element ref="CreateSignatureEnvironmentProfile"/>
+										<xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/>
+									</xsd:choice>
+								</xsd:sequence>
+							</xsd:complexType>
+						</xsd:element>
+					</xsd:sequence>
+					<xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
+				</xsd:complexType>
+			</xsd:element>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--### Create XML Signature Response ###-->
+	<xsd:complexType name="CreateXMLSignatureResponseType">
+		<xsd:choice maxOccurs="unbounded">
+			<xsd:annotation>
+				<xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage</xsd:documentation>
+			</xsd:annotation>
+			<xsd:element name="SignatureEnvironment">
+				<xsd:annotation>
+					<xsd:documentation>Resultat, falls die Signaturerstellung erfolgreich war</xsd:documentation>
+				</xsd:annotation>
+				<xsd:complexType>
+					<xsd:sequence>
+						<xsd:any namespace="##any" processContents="lax"/>
+					</xsd:sequence>
+				</xsd:complexType>
+			</xsd:element>
+			<xsd:element ref="ErrorResponse"/>
+		</xsd:choice>
+	</xsd:complexType>
+	<xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/>
+	<!--########## Verify CMS Signature ###-->
+	<!--### Verifiy CMS Signature Request ###-->
+	<xsd:element name="VerifyCMSSignatureRequest">
+		<xsd:complexType>
+			<xsd:complexContent>
+				<xsd:extension base="VerifyCMSSignatureRequestType">
+					<xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
+				</xsd:extension>
+			</xsd:complexContent>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:complexType name="VerifyCMSSignatureRequestType">
+		<xsd:sequence>
+			<xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+			<xsd:element name="CMSSignature" type="xsd:base64Binary"/>
+			<xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/>
+			<xsd:element name="TrustProfileID" type="xsd:token">
+				<xsd:annotation>
+					<xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--### Verify CMS Signature Response ###-->
+	<xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/>
+	<xsd:complexType name="VerifyCMSSignatureResponseType">
+		<xsd:sequence maxOccurs="unbounded">
+			<xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+				<xsd:annotation>
+					<xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+			<xsd:element name="SignatureCheck" type="CheckResultType"/>
+			<xsd:element name="CertificateCheck" type="CheckResultType"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--########## Verify XML Signature ###-->
+	<!--### Verify XML Signature Request ###-->
+	<xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/>
+	<xsd:complexType name="VerifyXMLSignatureRequestType">
+		<xsd:sequence>
+			<xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+			<xsd:element name="VerifySignatureInfo">
+				<xsd:complexType>
+					<xsd:sequence>
+						<xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/>
+						<xsd:element name="VerifySignatureLocation" type="xsd:token"/>
+					</xsd:sequence>
+				</xsd:complexType>
+			</xsd:element>
+			<xsd:choice minOccurs="0" maxOccurs="unbounded">
+				<xsd:element ref="SupplementProfile"/>
+				<xsd:element name="SupplementProfileID" type="xsd:string"/>
+			</xsd:choice>
+			<xsd:element name="SignatureManifestCheckParams" minOccurs="0">
+				<xsd:complexType>
+					<xsd:sequence>
+						<xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" maxOccurs="unbounded">
+							<xsd:annotation>
+								<xsd:documentation>Pro dsig:Reference-Element in der zu überprüfenden XML-Signatur muss hier ein ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen ReferenceInfo Elemente entspricht jener der dsig:Reference Elemente in der XML-Signatur.</xsd:documentation>
+							</xsd:annotation>
+						</xsd:element>
+					</xsd:sequence>
+					<xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/>
+				</xsd:complexType>
+			</xsd:element>
+			<xsd:element name="ReturnHashInputData" minOccurs="0"/>
+			<xsd:element name="TrustProfileID" type="xsd:token">
+				<xsd:annotation>
+					<xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--### Verify XML Signature Response ###-->
+	<xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/>
+	<xsd:complexType name="VerifyXMLSignatureResponseType">
+		<xsd:sequence>
+			<xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+				<xsd:annotation>
+					<xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+			<xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+			<xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+			<xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
+			<xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
+			<xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
+			<xsd:element name="CertificateCheck" type="CheckResultType"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:simpleType name="ProfileIdentifierType">
+		<xsd:restriction base="xsd:token"/>
+	</xsd:simpleType>
+	<xsd:complexType name="InputDataType">
+		<xsd:complexContent>
+			<xsd:extension base="ContentExLocRefBaseType">
+				<xsd:attribute name="PartOf" use="optional" default="SignedInfo">
+					<xsd:simpleType>
+						<xsd:restriction base="xsd:token">
+							<xsd:enumeration value="SignedInfo"/>
+							<xsd:enumeration value="XMLDSIGManifest"/>
+						</xsd:restriction>
+					</xsd:simpleType>
+				</xsd:attribute>
+				<xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/>
+			</xsd:extension>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="MetaInfoType">
+		<xsd:sequence>
+			<xsd:element name="MimeType" type="MimeTypeType"/>
+			<xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/>
+			<xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="FinalDataMetaInfoType">
+		<xsd:complexContent>
+			<xsd:extension base="MetaInfoType">
+				<xsd:sequence>
+					<xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/>
+				</xsd:sequence>
+			</xsd:extension>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="DataObjectInfoType">
+		<xsd:sequence>
+			<xsd:element name="DataObject">
+				<xsd:complexType>
+					<xsd:complexContent>
+						<xsd:extension base="ContentOptionalRefType"/>
+					</xsd:complexContent>
+				</xsd:complexType>
+			</xsd:element>
+			<xsd:choice>
+				<xsd:annotation>
+					<xsd:documentation>Auswahl: Entweder explizite Angabe EINER Transformationskette inklusive ggf. sinnvoller Supplements oder Verweis auf ein benanntes Profil</xsd:documentation>
+				</xsd:annotation>
+				<xsd:element ref="CreateTransformsInfoProfile"/>
+				<xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/>
+			</xsd:choice>
+		</xsd:sequence>
+		<xsd:attribute name="Structure" use="required">
+			<xsd:simpleType>
+				<xsd:restriction base="xsd:string">
+					<xsd:enumeration value="detached"/>
+					<xsd:enumeration value="enveloping"/>
+				</xsd:restriction>
+			</xsd:simpleType>
+		</xsd:attribute>
+	</xsd:complexType>
+	<xsd:complexType name="CMSDataObjectInfoType">
+		<xsd:sequence>
+			<xsd:element name="DataObject">
+				<xsd:complexType>
+					<xsd:complexContent>
+						<xsd:extension base="CMSDataObjectRequiredMetaType"/>
+					</xsd:complexContent>
+				</xsd:complexType>
+			</xsd:element>
+		</xsd:sequence>
+		<xsd:attribute name="Structure" use="required">
+			<xsd:simpleType>
+				<xsd:restriction base="xsd:string">
+					<xsd:enumeration value="detached"/>
+					<xsd:enumeration value="enveloping"/>
+				</xsd:restriction>
+			</xsd:simpleType>
+		</xsd:attribute>
+	</xsd:complexType>
+	<xsd:complexType name="TransformsInfoType">
+		<xsd:sequence>
+			<xsd:element ref="dsig:Transforms" minOccurs="0"/>
+			<xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="XMLDataObjectAssociationType">
+		<xsd:sequence>
+			<xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+			<xsd:element name="Content" type="ContentRequiredRefType"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="CMSDataObjectOptionalMetaType">
+		<xsd:sequence>
+			<xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+			<xsd:element name="Content" type="CMSContentBaseType"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="CMSDataObjectRequiredMetaType">
+		<xsd:sequence>
+			<xsd:element name="MetaInfo" type="MetaInfoType"/>
+			<xsd:element name="Content" type="CMSContentBaseType"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="CMSContentBaseType">
+		<xsd:complexContent>
+			<xsd:restriction base="ContentOptionalRefType">
+				<xsd:choice minOccurs="0">
+					<xsd:element name="Base64Content" type="xsd:base64Binary"/>
+				</xsd:choice>
+			</xsd:restriction>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="CheckResultType">
+		<xsd:sequence>
+			<xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+			<xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="ReferencesCheckResultType">
+		<xsd:complexContent>
+			<xsd:restriction base="CheckResultType">
+				<xsd:sequence>
+					<xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+					<xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/>
+				</xsd:sequence>
+			</xsd:restriction>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="ReferencesCheckResultInfoType" mixed="true">
+		<xsd:complexContent>
+			<xsd:restriction base="AnyChildrenType">
+				<xsd:sequence>
+					<xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+					<xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+				</xsd:sequence>
+			</xsd:restriction>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="ManifestRefsCheckResultType">
+		<xsd:complexContent>
+			<xsd:restriction base="CheckResultType">
+				<xsd:sequence>
+					<xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+					<xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/>
+				</xsd:sequence>
+			</xsd:restriction>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true">
+		<xsd:complexContent>
+			<xsd:restriction base="AnyChildrenType">
+				<xsd:sequence>
+					<xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+					<xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+					<xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/>
+				</xsd:sequence>
+			</xsd:restriction>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<!--########## Error Response ###-->
+	<xsd:element name="ErrorResponse" type="ErrorResponseType">
+		<xsd:annotation>
+			<xsd:documentation>Resultat, falls die Signaturerstellung gescheitert ist</xsd:documentation>
+		</xsd:annotation>
+	</xsd:element>
+	<xsd:complexType name="ErrorResponseType">
+		<xsd:sequence>
+			<xsd:element name="ErrorCode" type="xsd:integer"/>
+			<xsd:element name="Info" type="xsd:string"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--########## Auxiliary Types ###-->
+	<xsd:simpleType name="KeyIdentifierType">
+		<xsd:restriction base="xsd:string"/>
+	</xsd:simpleType>
+	<xsd:simpleType name="KeyStorageType">
+		<xsd:restriction base="xsd:string">
+			<xsd:enumeration value="Software"/>
+			<xsd:enumeration value="Hardware"/>
+		</xsd:restriction>
+	</xsd:simpleType>
+	<xsd:simpleType name="MimeTypeType">
+		<xsd:restriction base="xsd:token"/>
+	</xsd:simpleType>
+	<xsd:complexType name="AnyChildrenType" mixed="true">
+		<xsd:sequence>
+			<xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="XMLContentType" mixed="true">
+		<xsd:complexContent>
+			<xsd:extension base="AnyChildrenType">
+				<xsd:attribute ref="xml:space" use="optional"/>
+			</xsd:extension>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="ContentBaseType">
+		<xsd:choice minOccurs="0">
+			<xsd:element name="Base64Content" type="xsd:base64Binary"/>
+			<xsd:element name="XMLContent" type="XMLContentType"/>
+			<xsd:element name="LocRefContent" type="xsd:anyURI"/>
+		</xsd:choice>
+	</xsd:complexType>
+	<xsd:complexType name="ContentExLocRefBaseType">
+		<xsd:complexContent>
+			<xsd:restriction base="ContentBaseType">
+				<xsd:choice minOccurs="0">
+					<xsd:element name="Base64Content" type="xsd:base64Binary"/>
+					<xsd:element name="XMLContent" type="XMLContentType"/>
+				</xsd:choice>
+			</xsd:restriction>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="ContentOptionalRefType">
+		<xsd:complexContent>
+			<xsd:extension base="ContentBaseType">
+				<xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/>
+			</xsd:extension>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="ContentRequiredRefType">
+		<xsd:complexContent>
+			<xsd:restriction base="ContentOptionalRefType">
+				<xsd:choice minOccurs="0">
+					<xsd:element name="Base64Content" type="xsd:base64Binary"/>
+					<xsd:element name="XMLContent" type="XMLContentType"/>
+					<xsd:element name="LocRefContent" type="xsd:anyURI"/>
+				</xsd:choice>
+				<xsd:attribute name="Reference" type="xsd:anyURI" use="required"/>
+			</xsd:restriction>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="VerifyTransformsDataType">
+		<xsd:choice maxOccurs="unbounded">
+			<xsd:annotation>
+				<xsd:documentation>Ein oder mehrere Transformationswege können von der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur hat zumindest einem dieser Transformationswege zu entsprechen. Die Angabe kann explizit oder als Profilbezeichner erfolgen.</xsd:documentation>
+			</xsd:annotation>
+			<xsd:element ref="VerifyTransformsInfoProfile"/>
+			<xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string">
+				<xsd:annotation>
+					<xsd:documentation>Profilbezeichner für einen Transformationsweg</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+		</xsd:choice>
+	</xsd:complexType>
+	<xsd:element name="QualifiedCertificate"/>
+	<xsd:element name="SecureSignatureCreationDevice"/>
+	<xsd:element name="PublicAuthority" type="PublicAuthorityType"/>
+	<xsd:complexType name="PublicAuthorityType">
+		<xsd:sequence>
+			<xsd:element name="Code" type="xsd:string" minOccurs="0"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:simpleType name="SignatoriesType">
+		<xsd:union memberTypes="AllSignatoriesType">
+			<xsd:simpleType>
+				<xsd:list itemType="xsd:positiveInteger"/>
+			</xsd:simpleType>
+		</xsd:union>
+	</xsd:simpleType>
+	<xsd:simpleType name="AllSignatoriesType">
+		<xsd:restriction base="xsd:string">
+			<xsd:enumeration value="all"/>
+		</xsd:restriction>
+	</xsd:simpleType>
+	<xsd:complexType name="CreateSignatureLocationType">
+		<xsd:simpleContent>
+			<xsd:extension base="xsd:token">
+				<xsd:attribute name="Index" type="xsd:integer" use="required"/>
+			</xsd:extension>
+		</xsd:simpleContent>
+	</xsd:complexType>
+	<xsd:complexType name="TransformParameterType">
+		<xsd:choice minOccurs="0">
+			<xsd:annotation>
+				<xsd:documentation>Die Angabe des Transformationsparameters (explizit oder als Hashwert) kann unterlassen werden, wenn die Applikation von der Unveränderlichkeit des Inhalts der in "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen kann.</xsd:documentation>
+			</xsd:annotation>
+			<xsd:element name="Base64Content" type="xsd:base64Binary">
+				<xsd:annotation>
+					<xsd:documentation>Der Transformationsparameter explizit angegeben.</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+			<xsd:element name="Hash">
+				<xsd:annotation>
+					<xsd:documentation>Der Hashwert des Transformationsparameters.</xsd:documentation>
+				</xsd:annotation>
+				<xsd:complexType>
+					<xsd:sequence>
+						<xsd:element ref="dsig:DigestMethod"/>
+						<xsd:element ref="dsig:DigestValue"/>
+					</xsd:sequence>
+				</xsd:complexType>
+			</xsd:element>
+		</xsd:choice>
+		<xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
+	</xsd:complexType>
+	<xsd:element name="CreateSignatureEnvironmentProfile">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/>
+				<xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="VerifyTransformsInfoProfile">
+		<xsd:annotation>
+			<xsd:documentation>Explizite Angabe des Transformationswegs</xsd:documentation>
+		</xsd:annotation>
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element ref="dsig:Transforms" minOccurs="0"/>
+				<xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded">
+					<xsd:annotation>
+						<xsd:documentation>Alle impliziten Transformationsparameter, die zum Durchlaufen der oben angeführten Transformationskette bekannt sein müssen, müssen hier angeführt werden. Das Attribut "URI" bezeichnet den Transformationsparameter in exakt jener Weise, wie er in der zu überprüfenden Signatur gebraucht wird.</xsd:documentation>
+					</xsd:annotation>
+				</xsd:element>
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="Supplement" type="XMLDataObjectAssociationType"/>
+	<xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/>
+	<xsd:element name="CreateTransformsInfoProfile">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/>
+				<xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/>
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+</xsd:schema>
-- 
cgit v1.2.3


From 8591e43ef7f8e1eb0be50a0726d507904b26b9f5 Mon Sep 17 00:00:00 2001
From: Klaus Stranacher <kstranacher@iaik.tugraz.at>
Date: Thu, 16 May 2013 13:01:02 +0200
Subject: Minor documentation updates

---
 common/.settings/org.eclipse.wst.common.component | 1 +
 1 file changed, 1 insertion(+)

(limited to 'common')

diff --git a/common/.settings/org.eclipse.wst.common.component b/common/.settings/org.eclipse.wst.common.component
index 386d0ebba..d304ccdfa 100644
--- a/common/.settings/org.eclipse.wst.common.component
+++ b/common/.settings/org.eclipse.wst.common.component
@@ -2,5 +2,6 @@
   <wb-module deploy-name="moa-common">
     <wb-resource deploy-path="/" source-path="src/main/java"/>
     <wb-resource deploy-path="/" source-path="src/main/resources"/>
+        <wb-resource deploy-path="/" source-path="/"/>
   </wb-module>
 </project-modules>
-- 
cgit v1.2.3


From a52d3300d20837b12b45a0d4fb2b0ee520f6e641 Mon Sep 17 00:00:00 2001
From: Klaus Stranacher <kstranacher@iaik.tugraz.at>
Date: Wed, 14 Aug 2013 16:36:40 +0200
Subject: TSL integration updates: - Setting of hashcache parameter in MOA -
 Update MOA-SP Response (Source attribute in QualifiedCertificate and
 SecureSignatureCreationDevice element) - Hidden truststores (for TSL enabled
 truststore: given certificates are copied to hidden truststore, where TSL
 certificates are copied) - Update of QC and SSCD detection - Update MOA-SPSS
 config: EU TSL URL can be set via configuration

---
 common/.settings/org.eclipse.jdt.core.prefs        | 11 ++++----
 common/.settings/org.eclipse.wst.common.component  |  3 +-
 .../org.eclipse.wst.common.project.facet.core.xml  |  4 +--
 .../java/at/gv/egovernment/moa/util/FileUtils.java | 33 ++++++++++++++++++++++
 .../resources/resources/schemas/MOA-SPSS-1.5.2.xsd | 17 +++++++++--
 .../resources/schemas/MOA-SPSS-config-1.5.2.xsd    |  1 +
 6 files changed, 58 insertions(+), 11 deletions(-)

(limited to 'common')

diff --git a/common/.settings/org.eclipse.jdt.core.prefs b/common/.settings/org.eclipse.jdt.core.prefs
index c788ee346..1cd6f082c 100644
--- a/common/.settings/org.eclipse.jdt.core.prefs
+++ b/common/.settings/org.eclipse.jdt.core.prefs
@@ -1,8 +1,9 @@
+#Mon Aug 05 10:52:30 CEST 2013
+org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
+org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5
 eclipse.preferences.version=1
 org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
-org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.7
-org.eclipse.jdt.core.compiler.compliance=1.7
+org.eclipse.jdt.core.compiler.source=1.5
 org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
-org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
-org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
-org.eclipse.jdt.core.compiler.source=1.7
+org.eclipse.jdt.core.compiler.compliance=1.5
diff --git a/common/.settings/org.eclipse.wst.common.component b/common/.settings/org.eclipse.wst.common.component
index d304ccdfa..0b1b59ec8 100644
--- a/common/.settings/org.eclipse.wst.common.component
+++ b/common/.settings/org.eclipse.wst.common.component
@@ -2,6 +2,7 @@
   <wb-module deploy-name="moa-common">
     <wb-resource deploy-path="/" source-path="src/main/java"/>
     <wb-resource deploy-path="/" source-path="src/main/resources"/>
-        <wb-resource deploy-path="/" source-path="/"/>
+        <wb-resource deploy-path="/" source-path="/src/main/java"/>
+        <wb-resource deploy-path="/" source-path="/src/main/resources"/>
   </wb-module>
 </project-modules>
diff --git a/common/.settings/org.eclipse.wst.common.project.facet.core.xml b/common/.settings/org.eclipse.wst.common.project.facet.core.xml
index 6c09452f2..656f15b87 100644
--- a/common/.settings/org.eclipse.wst.common.project.facet.core.xml
+++ b/common/.settings/org.eclipse.wst.common.project.facet.core.xml
@@ -3,5 +3,5 @@
   <fixed facet="jst.java"/>
   <fixed facet="jst.utility"/>
   <installed facet="jst.utility" version="1.0"/>
-  <installed facet="jst.java" version="1.7"/>
-</faceted-project>
+  <installed facet="jst.java" version="5.0"/>
+</faceted-project>
\ No newline at end of file
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/FileUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/FileUtils.java
index 7effe8b4f..cac179a75 100644
--- a/common/src/main/java/at/gv/egovernment/moa/util/FileUtils.java
+++ b/common/src/main/java/at/gv/egovernment/moa/util/FileUtils.java
@@ -27,8 +27,10 @@ package at.gv.egovernment.moa.util;
 import java.io.BufferedInputStream;
 import java.io.File;
 import java.io.FileInputStream;
+import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
+import java.io.OutputStream;
 import java.net.URL;
 
 /**
@@ -136,5 +138,36 @@ public class FileUtils {
       return newURL;
     }
 	}  
+	
+	
+	 private static void copy( InputStream fis, OutputStream fos )
+	  {
+	    try
+	    {
+	      byte[] buffer = new byte[ 0xFFFF ];
+	      for ( int len; (len = fis.read(buffer)) != -1; )
+	        fos.write( buffer, 0, len );
+	    }
+	    catch( IOException e ) {
+	      System.err.println( e );
+	    }
+	    finally {
+	      if ( fis != null )
+	        try { fis.close(); } catch ( IOException e ) { e.printStackTrace(); }
+	      if ( fos != null )
+	        try { fos.close(); } catch ( IOException e ) { e.printStackTrace(); }
+	    }
+	  }
+	 
+	 public static void copyFile(File src, File dest)
+	  {
+	    try
+	    {
+	      copy( new FileInputStream( src ), new FileOutputStream( dest ) );
+	    }
+	    catch( IOException e ) {
+	      e.printStackTrace();
+	    }
+	  }
   
 }
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-1.5.2.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-1.5.2.xsd
index de49a4c75..640f577aa 100644
--- a/common/src/main/resources/resources/schemas/MOA-SPSS-1.5.2.xsd
+++ b/common/src/main/resources/resources/schemas/MOA-SPSS-1.5.2.xsd
@@ -147,7 +147,7 @@
 		<xsd:sequence maxOccurs="unbounded">
 			<xsd:element name="SignerInfo" type="dsig:KeyInfoType">
 				<xsd:annotation>
-					<xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any</xsd:documentation>
+					<xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any; SecureSignatureCreationDevice is included as X509Data/any</xsd:documentation>
 				</xsd:annotation>
 			</xsd:element>
 			<xsd:element name="SignatureCheck" type="CheckResultType"/>
@@ -198,7 +198,7 @@
 		<xsd:sequence>
 			<xsd:element name="SignerInfo" type="dsig:KeyInfoType">
 				<xsd:annotation>
-					<xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any</xsd:documentation>
+					<xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any; SecureSignatureCreationDevice is included as X509Data/any</xsd:documentation>
 				</xsd:annotation>
 			</xsd:element>
 			<xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
@@ -455,7 +455,18 @@
 		</xsd:choice>
 	</xsd:complexType>
 	<xsd:element name="QualifiedCertificate"/>
-	<xsd:element name="SecureSignatureCreationDevice"/>
+	<xsd:element name="SecureSignatureCreationDevice">
+		<xsd:complexType>
+			<xsd:attribute name="source" use="required">
+					<xsd:simpleType>
+						<xsd:restriction base="xsd:token">
+							<xsd:enumeration value="TSL"/>
+							<xsd:enumeration value="Certificate"/>
+						</xsd:restriction>
+					</xsd:simpleType>
+				</xsd:attribute>
+		</xsd:complexType>
+	</xsd:element>
 	<xsd:element name="PublicAuthority" type="PublicAuthorityType"/>
 	<xsd:complexType name="PublicAuthorityType">
 		<xsd:sequence>
diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.2.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.2.xsd
index 63b09f45a..91d281171 100644
--- a/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.2.xsd
+++ b/common/src/main/resources/resources/schemas/MOA-SPSS-config-1.5.2.xsd
@@ -313,6 +313,7 @@
 										<xs:element name="TSLConfiguration" minOccurs="0">
 											<xs:complexType>
 												<xs:sequence>
+													<xs:element name="EUTSLUrl" type="xs:anyURI" minOccurs="0"/>
 													<xs:element name="UpdateSchedule" minOccurs="0">
 														<xs:complexType>
 															<xs:sequence>
-- 
cgit v1.2.3


From 5b697c424d24a7523dccd210454d029368e34898 Mon Sep 17 00:00:00 2001
From: Klaus Stranacher <kstranacher@iaik.tugraz.at>
Date: Wed, 21 Aug 2013 13:12:26 +0200
Subject: Update QC/SSCD check WSDL location updated

---
 .../resources/resources/schemas/MOA-SPSS-1.5.2.xsd | 34 +++++++++++++++-------
 1 file changed, 23 insertions(+), 11 deletions(-)

(limited to 'common')

diff --git a/common/src/main/resources/resources/schemas/MOA-SPSS-1.5.2.xsd b/common/src/main/resources/resources/schemas/MOA-SPSS-1.5.2.xsd
index 640f577aa..144918778 100644
--- a/common/src/main/resources/resources/schemas/MOA-SPSS-1.5.2.xsd
+++ b/common/src/main/resources/resources/schemas/MOA-SPSS-1.5.2.xsd
@@ -147,7 +147,7 @@
 		<xsd:sequence maxOccurs="unbounded">
 			<xsd:element name="SignerInfo" type="dsig:KeyInfoType">
 				<xsd:annotation>
-					<xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any; SecureSignatureCreationDevice is included as X509Data/any</xsd:documentation>
+					<xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any; SecureSignatureCreationDevice is included as X509Data/any, IssuingCountry is included as X509Data/any</xsd:documentation>
 				</xsd:annotation>
 			</xsd:element>
 			<xsd:element name="SignatureCheck" type="CheckResultType"/>
@@ -198,7 +198,7 @@
 		<xsd:sequence>
 			<xsd:element name="SignerInfo" type="dsig:KeyInfoType">
 				<xsd:annotation>
-					<xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any; SecureSignatureCreationDevice is included as X509Data/any</xsd:documentation>
+					<xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any; SecureSignatureCreationDevice is included as X509Data/any, IssuingCountry is included as X509Data/any</xsd:documentation>
 				</xsd:annotation>
 			</xsd:element>
 			<xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
@@ -454,19 +454,31 @@
 			</xsd:element>
 		</xsd:choice>
 	</xsd:complexType>
-	<xsd:element name="QualifiedCertificate"/>
+	<xsd:element name="QualifiedCertificate">
+		<xsd:complexType>
+			<xsd:attribute name="source" use="optional">
+				<xsd:simpleType>
+					<xsd:restriction base="xsd:token">
+						<xsd:enumeration value="TSL"/>
+						<xsd:enumeration value="Certificate"/>
+					</xsd:restriction>
+				</xsd:simpleType>
+			</xsd:attribute>
+		</xsd:complexType>
+	</xsd:element>
 	<xsd:element name="SecureSignatureCreationDevice">
 		<xsd:complexType>
-			<xsd:attribute name="source" use="required">
-					<xsd:simpleType>
-						<xsd:restriction base="xsd:token">
-							<xsd:enumeration value="TSL"/>
-							<xsd:enumeration value="Certificate"/>
-						</xsd:restriction>
-					</xsd:simpleType>
-				</xsd:attribute>
+			<xsd:attribute name="source" use="optional">
+				<xsd:simpleType>
+					<xsd:restriction base="xsd:token">
+						<xsd:enumeration value="TSL"/>
+						<xsd:enumeration value="Certificate"/>
+					</xsd:restriction>
+				</xsd:simpleType>
+			</xsd:attribute>
 		</xsd:complexType>
 	</xsd:element>
+	<xsd:element name="IssuingCountry" type="xsd:token"/>
 	<xsd:element name="PublicAuthority" type="PublicAuthorityType"/>
 	<xsd:complexType name="PublicAuthorityType">
 		<xsd:sequence>
-- 
cgit v1.2.3