<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:cfg="http://reference.e-government.gv.at/namespace/moaconfig/20021122#">
  <xsl:output encoding="UTF-8" indent="yes" method="xml"/>
  <xsl:template match="/">
    <xsl:apply-templates/>
  </xsl:template>
  <xsl:template match="cfg:MOAConfiguration">
    <xsl:comment>MOA SPSS 1.3 Configuration File created by MOA SPSS Configuration Mapper</xsl:comment>
    <cfg:MOAConfiguration>
      <xsl:if test="cfg:HardwareCryptoModule">
        <cfg:Common>
          <xsl:for-each select="cfg:HardwareCryptoModule">
            <cfg:HardwareCryptoModule>
              <cfg:Name>
                <xsl:value-of select="@name"/>
              </cfg:Name>
              <xsl:if test="@slotID">
                <cfg:SlotId>
                  <xsl:value-of select="@slotID"/>
                </cfg:SlotId>
              </xsl:if>
              <cfg:UserPIN>
                <xsl:value-of select="@userPIN"/>
              </cfg:UserPIN>
            </cfg:HardwareCryptoModule>
          </xsl:for-each>
        </cfg:Common>
      </xsl:if>
      <xsl:if test="cfg:KeyGroup">
        <cfg:SignatureCreation>
          <cfg:KeyModules>
            <xsl:apply-templates select="cfg:HardwareKeyModule | cfg:SoftwareKeyModule"/>
          </cfg:KeyModules>
          <xsl:apply-templates select="cfg:KeyGroup"/>
          <xsl:apply-templates select="cfg:KeyGroupMapping"/>
          <cfg:XMLDSig>
            <cfg:CanonicalizationAlgorithm>
              <xsl:choose>
                <xsl:when test="cfg:CanonicalizationAlgorithm">
                  <xsl:value-of select="cfg:CanonicalizationAlgorithm/@name"/>
                </xsl:when>
                <xsl:otherwise>http://www.w3.org/TR/2001/REC-xml-c14n-20010315</xsl:otherwise>
              </xsl:choose>
            </cfg:CanonicalizationAlgorithm>
            <cfg:DigestMethodAlgorithm>
              <xsl:choose>
                <xsl:when test="cfg:DigestMethodAlgorithm">
                  <xsl:value-of select="cfg:DigestMethodAlgorithm/@name"/>
                </xsl:when>
                <xsl:otherwise>http://www.w3.org/2000/09/xmldsig#sha1</xsl:otherwise>
              </xsl:choose>
            </cfg:DigestMethodAlgorithm>
          </cfg:XMLDSig>
          <xsl:for-each select="cfg:CreateTransformsInfoProfile">
            <cfg:CreateTransformsInfoProfile>
              <xsl:apply-templates select="."/>
            </cfg:CreateTransformsInfoProfile>
          </xsl:for-each>
          <xsl:for-each select="cfg:CreateSignatureEnvironmentProfile">
            <cfg:CreateSignatureEnvironmentProfile>
              <xsl:apply-templates select="."/>
            </cfg:CreateSignatureEnvironmentProfile>
          </xsl:for-each>
        </cfg:SignatureCreation>
      </xsl:if>
      <xsl:if test="cfg:TrustProfile">
        <cfg:SignatureVerification>
          <xsl:call-template name="CertificateValidation"/>
        </cfg:SignatureVerification>
      </xsl:if>
    </cfg:MOAConfiguration>
  </xsl:template>
  <xsl:template match="cfg:SoftwareKeyModule">
    <cfg:SoftwareKeyModule>
      <cfg:Id>
        <xsl:value-of select="@id"/>
      </cfg:Id>
      <cfg:FileName>
        <xsl:value-of select="@filename"/>
      </cfg:FileName>
      <xsl:if test="@password">
        <cfg:Password>
          <xsl:value-of select="@password"/>
        </cfg:Password>
      </xsl:if>
    </cfg:SoftwareKeyModule>
  </xsl:template>
  <xsl:template match="cfg:HardwareKeyModule">
    <cfg:HardwareKeyModule>
      <cfg:Id>
        <xsl:value-of select="@id"/>
      </cfg:Id>
      <cfg:Name>
        <xsl:value-of select="@name"/>
      </cfg:Name>
      <xsl:if test="@slotID">
        <cfg:SlotId>
          <xsl:value-of select="@slotID"/>
        </cfg:SlotId>
      </xsl:if>
      <cfg:UserPIN>
        <xsl:value-of select="@userPIN"/>
      </cfg:UserPIN>
    </cfg:HardwareKeyModule>
  </xsl:template>
  <xsl:template match="cfg:KeyGroup">
    <cfg:KeyGroup>
      <cfg:Id>
        <xsl:value-of select="@id"/>
      </cfg:Id>
      <xsl:for-each select="cfg:Key">
        <cfg:Key>
          <cfg:KeyModuleId>
            <xsl:value-of select="cfg:KeyModuleID"/>
          </cfg:KeyModuleId>
          <cfg:KeyCertIssuerSerial>
            <dsig:X509IssuerName>
              <xsl:value-of select="cfg:KeyCertIssuerSerial/dsig:X509IssuerName"/>
            </dsig:X509IssuerName>
            <dsig:X509SerialNumber>
              <xsl:value-of select="cfg:KeyCertIssuerSerial/dsig:X509SerialNumber"/>
            </dsig:X509SerialNumber>
          </cfg:KeyCertIssuerSerial>
        </cfg:Key>
      </xsl:for-each>
    </cfg:KeyGroup>
  </xsl:template>
  <xsl:template match="cfg:KeyGroupMapping">
    <cfg:KeyGroupMapping>
      <xsl:if test="cfg:X509IssuerSerial">
        <cfg:CustomerId>
          <dsig:X509IssuerName>
            <xsl:value-of select="cfg:X509IssuerSerial/dsig:X509IssuerName"/>
          </dsig:X509IssuerName>
          <dsig:X509SerialNumber>
            <xsl:value-of select="cfg:X509IssuerSerial/dsig:X509SerialNumber"/>
          </dsig:X509SerialNumber>
        </cfg:CustomerId>
      </xsl:if>
      <xsl:for-each select="cfg:KeyGroup">
        <cfg:KeyGroupId>
          <xsl:value-of select="@id"/>
        </cfg:KeyGroupId>
      </xsl:for-each>
    </cfg:KeyGroupMapping>
  </xsl:template>
  <xsl:template match="cfg:CreateTransformsInfoProfile | cfg:CreateSignatureEnvironmentProfile | cfg:VerifyTransformsInfoProfile | cfg:SupplementProfile">
    <cfg:Id>
      <xsl:value-of select="@id"/>
    </cfg:Id>
    <cfg:Location>
      <xsl:value-of select="@filename"/>
    </cfg:Location>
  </xsl:template>
  <xsl:template name="CertificateValidation">
    <cfg:CertificateValidation>
      <cfg:PathConstruction>
        <cfg:AutoAddCertificates>
          <xsl:call-template name="GetGenericValue">
            <xsl:with-param name="GenericName" select="'autoAddCertificates'"/>
            <xsl:with-param name="DefaultValue" select="'true'"/>
          </xsl:call-template>
        </cfg:AutoAddCertificates>
        <cfg:UseAuthorityInformationAccess>
          <xsl:call-template name="GetGenericValue">
            <xsl:with-param name="GenericName" select="'useAuthorityInfoAccess'"/>
            <xsl:with-param name="DefaultValue" select="'true'"/>
          </xsl:call-template>
        </cfg:UseAuthorityInformationAccess>
        <cfg:CertificateStore>
          <cfg:DirectoryStore>
            <cfg:Location>
              <xsl:call-template name="GetGenericValue">
                <xsl:with-param name="GenericName" select="'DirectoryCertStoreParameters.RootDir'"/>
                <xsl:with-param name="DefaultValue" select="'certstore'"/>
              </xsl:call-template>
            </cfg:Location>
          </cfg:DirectoryStore>
        </cfg:CertificateStore>
      </cfg:PathConstruction>
      <cfg:PathValidation>
        <cfg:ChainingMode>
          <cfg:DefaultMode>
            <xsl:choose>
              <xsl:when test="cfg:ChainingModes/@systemDefaultMode">
                <xsl:value-of select="cfg:ChainingModes/@systemDefaultMode"/>
              </xsl:when>
              <xsl:otherwise>pkix</xsl:otherwise>
            </xsl:choose>
          </cfg:DefaultMode>
          <xsl:for-each select="cfg:ChainingModes/cfg:TrustAnchor">
            <cfg:TrustAnchor>
              <cfg:Identification>
                <dsig:X509IssuerName>
                  <xsl:value-of select="dsig:X509IssuerName"/>
                </dsig:X509IssuerName>
                <dsig:X509SerialNumber>
                  <xsl:value-of select="dsig:X509SerialNumber"/>
                </dsig:X509SerialNumber>
              </cfg:Identification>
              <cfg:Mode>
                <xsl:value-of select="@mode"/>
              </cfg:Mode>
            </cfg:TrustAnchor>
          </xsl:for-each>
        </cfg:ChainingMode>
        <xsl:for-each select="cfg:TrustProfile">
          <cfg:TrustProfile>
            <cfg:Id>
              <xsl:value-of select="@id"/>
            </cfg:Id>
            <cfg:TrustAnchorsLocation>
              <xsl:value-of select="@uri"/>
            </cfg:TrustAnchorsLocation>
            <xsl:if test="@signerCertsUri">
              <cfg:SignerCertsLocation>
                <xsl:value-of select="@signerCertsUri"/>
              </cfg:SignerCertsLocation>
            </xsl:if>
          </cfg:TrustProfile>
        </xsl:for-each>
      </cfg:PathValidation>
      <cfg:RevocationChecking>
        <cfg:EnableChecking>
          <xsl:call-template name="GetGenericValue">
            <xsl:with-param name="GenericName" select="'checkRevocation'"/>
            <xsl:with-param name="DefaultValue" select="'true'"/>
          </xsl:call-template>
        </cfg:EnableChecking>
        <cfg:MaxRevocationAge>
          <xsl:call-template name="GetGenericValue">
            <xsl:with-param name="GenericName" select="'maxRevocationAge'"/>
            <xsl:with-param name="DefaultValue" select="'0'"/>
          </xsl:call-template>
        </cfg:MaxRevocationAge>
        <cfg:ServiceOrder>
          <cfg:Service>CRL</cfg:Service>
          <cfg:Service>OCSP</cfg:Service>
        </cfg:ServiceOrder>
        <cfg:Archiving>
          <cfg:EnableArchiving>
            <xsl:call-template name="GetGenericValue">
              <xsl:with-param name="GenericName" select="'archiveRevocationInfo'"/>
              <xsl:with-param name="DefaultValue" select="'false'"/>
            </xsl:call-template>
          </cfg:EnableArchiving>
          <cfg:ArchiveDuration>
            <xsl:choose>
              <xsl:when test="cfg:CRLArchive/@duration">
                <xsl:value-of select="cfg:CRLArchive/@duration"/>
              </xsl:when>
              <xsl:otherwise>365</xsl:otherwise>
            </xsl:choose>
          </cfg:ArchiveDuration>
          <cfg:Archive>
            <cfg:DatabaseArchive>
              <cfg:JDBCURL>
                <xsl:call-template name="GetGenericValue">
                  <xsl:with-param name="GenericName" select="'DataBaseArchiveParameter.JDBCUrl'"/>
                  <xsl:with-param name="DefaultValue" select="'jdbc:url'"/>
                </xsl:call-template>
              </cfg:JDBCURL>
              <cfg:JDBCDriverClassName>
                <xsl:call-template name="GetGenericValue">
                  <xsl:with-param name="GenericName" select="'DataBaseArchiveParameter.JDBCDriverClass'"/>
                  <xsl:with-param name="DefaultValue" select="'fully.qualified.classname'"/>
                </xsl:call-template>
              </cfg:JDBCDriverClassName>
            </cfg:DatabaseArchive>
          </cfg:Archive>
        </cfg:Archiving>
        <xsl:for-each select="cfg:CRLDistributionPoint">
          <cfg:DistributionPoint>
            <cfg:CAIssuerDN>
              <xsl:value-of select="cfg:CAIssuerDN"/>
            </cfg:CAIssuerDN>
            <xsl:for-each select="cfg:DistributionPoint">
              <cfg:CRLDP>
                <cfg:Location>
                  <xsl:value-of select="@uri"/>
                </cfg:Location>
                <xsl:if test="contains(@reasonCodes, 'all')">
                  <cfg:ReasonCode>all</cfg:ReasonCode>
                </xsl:if>
                <xsl:if test="contains(@reasonCodes, 'unused')">
                  <cfg:ReasonCode>unused</cfg:ReasonCode>
                </xsl:if>
                <xsl:if test="contains(@reasonCodes, 'keyCompromise')">
                  <cfg:ReasonCode>keyCompromise</cfg:ReasonCode>
                </xsl:if>
                <xsl:if test="contains(@reasonCodes, 'cACompromise')">
                  <cfg:ReasonCode>cACompromise</cfg:ReasonCode>
                </xsl:if>
                <xsl:if test="contains(@reasonCodes, 'affiliationChanged')">
                  <cfg:ReasonCode>affiliationChanged</cfg:ReasonCode>
                </xsl:if>
                <xsl:if test="contains(@reasonCodes, 'superseded')">
                  <cfg:ReasonCode>superseded</cfg:ReasonCode>
                </xsl:if>
                <xsl:if test="contains(@reasonCodes, 'cessationOfOperation')">
                  <cfg:ReasonCode>cessationOfOperation</cfg:ReasonCode>
                </xsl:if>
                <xsl:if test="contains(@reasonCodes, 'certificateHold')">
                  <cfg:ReasonCode>certificateHold</cfg:ReasonCode>
                </xsl:if>
                <xsl:if test="contains(@reasonCodes, 'privilegeWithdrawn')">
                  <cfg:ReasonCode>privilegeWithdrawn</cfg:ReasonCode>
                </xsl:if>
                <xsl:if test="contains(@reasonCodes, 'aACompromise')">
                  <cfg:ReasonCode>aACompromise</cfg:ReasonCode>
                </xsl:if>
              </cfg:CRLDP>
            </xsl:for-each>
          </cfg:DistributionPoint>
        </xsl:for-each>
      </cfg:RevocationChecking>
    </cfg:CertificateValidation>
    <xsl:for-each select="cfg:VerifyTransformsInfoProfile">
      <cfg:VerifyTransformsInfoProfile>
        <xsl:apply-templates select="."/>
      </cfg:VerifyTransformsInfoProfile>
    </xsl:for-each>
    <xsl:for-each select="cfg:SupplementProfile">
      <cfg:SupplementProfile>
        <xsl:apply-templates select="."/>
      </cfg:SupplementProfile>
    </xsl:for-each>
  </xsl:template>
  <xsl:template name="GetGenericValue">
    <xsl:param name="GenericName"/>
    <xsl:param name="DefaultValue"/>
    <xsl:choose>
      <xsl:when test="cfg:GenericConfiguration[@name=$GenericName]">
        <xsl:value-of select="cfg:GenericConfiguration[@name=$GenericName]/@value"/>
      </xsl:when>
      <xsl:otherwise>
        <xsl:if test="$DefaultValue != ''">
          <xsl:value-of select="$DefaultValue"/>
        </xsl:if>
      </xsl:otherwise>
    </xsl:choose>
  </xsl:template>
</xsl:stylesheet>