diff options
author | tlenz <thomas.lenz@egiz.gv.at> | 2017-02-13 08:52:01 +0100 |
---|---|---|
committer | tlenz <thomas.lenz@egiz.gv.at> | 2017-02-13 08:52:01 +0100 |
commit | 863b175fd6c3a81a117ed1c3b7c03293a0d31114 (patch) | |
tree | 138d189ec08f1d32be0009bfe82a510e70eaf8ca | |
parent | cb42d8b04befa612d88123bdc7e8f7164377cddd (diff) | |
parent | fd922888dbe58582fb4a045ad93da1cf2664a744 (diff) | |
download | moa-sig-863b175fd6c3a81a117ed1c3b7c03293a0d31114.tar.gz moa-sig-863b175fd6c3a81a117ed1c3b7c03293a0d31114.tar.bz2 moa-sig-863b175fd6c3a81a117ed1c3b7c03293a0d31114.zip |
Merge branch 'master' of https://gitlab.iaik.tugraz.at/egiz/moa-sig
9 files changed, 951 insertions, 141 deletions
diff --git a/moaSig/build.gradle b/moaSig/build.gradle index 808a960..247bf08 100644 --- a/moaSig/build.gradle +++ b/moaSig/build.gradle @@ -21,7 +21,7 @@ subprojects { testCompile 'junit:junit:4.8.2' } - version = '3.1.0-RC3' + version = '3.1.0-RC5' jar { manifest.attributes provider: 'EGIZ', 'Specification-Version': getCheckedOutGitCommitHash(), 'Implementation-Version': project.version } } diff --git a/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd b/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd index 4916b89..d4ed4a2 100644 --- a/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd +++ b/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd @@ -300,7 +300,7 @@ </xsd:complexType> <xsd:complexType name="PDFSignatureResultType"> <xsd:sequence> - <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType" minOccurs="0"> <xsd:annotation> <xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java index 98b54a3..0ca6f8f 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java @@ -36,6 +36,7 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElemen import at.gv.egovernment.moa.spss.api.common.CheckResult; import at.gv.egovernment.moa.spss.api.common.SignerInfo; import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults; +import at.gv.egovernment.moaspss.logging.Logger; /** * Convert a <code>VerifyCMSSignatureResponse</code> API object into its @@ -104,22 +105,28 @@ public class VerifyPDFSignatureResponseBuilder { CheckResult signatureCheck = responseElement.getSignatureCheck(); CheckResult certCheck = responseElement.getCertificateCheck(); - ResponseBuilderUtils.addSignerInfo( - responseDoc, - responseElem, - signerInfo.getSignerCertificate(), - signerInfo.isQualifiedCertificate(), - signerInfo.getQCSource(), - signerInfo.isPublicAuthority(), - signerInfo.getPublicAuhtorityID(), - signerInfo.isSSCD(), - signerInfo.getSSCDSource(), - signerInfo.getIssuerCountryCode(), - signerInfo.getTslInfos()); - - ResponseBuilderUtils.addSigningTime(responseDoc, - responseElem, - signerInfo.getSigningTime()); + if (signerInfo != null) { + ResponseBuilderUtils.addSignerInfo( + responseDoc, + responseElem, + signerInfo.getSignerCertificate(), + signerInfo.isQualifiedCertificate(), + signerInfo.getQCSource(), + signerInfo.isPublicAuthority(), + signerInfo.getPublicAuhtorityID(), + signerInfo.isSSCD(), + signerInfo.getSSCDSource(), + signerInfo.getIssuerCountryCode(), + signerInfo.getTslInfos()); + + ResponseBuilderUtils.addSigningTime(responseDoc, + responseElem, + signerInfo.getSigningTime()); + + } else { + Logger.info("Find signature result with no 'SignerInfo'. Maybe a signature verification Failed"); + + } ResponseBuilderUtils.addCodeInfoElement( responseDoc, diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java index 295e861..0e592f0 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java @@ -143,27 +143,30 @@ public class SystemInitializer { // initialize configuration try { - ConfigurationProvider config = ConfigurationProvider.getInstance(); - Logger.info("Building ConfigurationData"); - ConfigurationData configData = new IaikConfigurator().configure(config); + Logger.info("Initialize MOA-SP/SS configuration ... "); + ConfigurationProvider config = ConfigurationProvider.getInstance(); - //initialize TSL module - TSLConfiguration moaSPTslConfig = config.getTSLConfiguration(); - if (moaSPTslConfig != null) { - TslConfigurationImpl tslConfig = new TslConfigurationImpl(); - tslConfig.setEuTslURL(moaSPTslConfig.getEuTSLUrl()); - tslConfig.setTslWorkingDirectory(moaSPTslConfig.getWorkingDirectory()); - tslConfig.setNetworkReadTimeout(config.getReadTimeout() / 1000); + //initialize TSL module + TSLConfiguration moaSPTslConfig = config.getTSLConfiguration(); + if (moaSPTslConfig != null) { + Logger.debug("Starting TSL-Service initialization ... "); + TslConfigurationImpl tslConfig = new TslConfigurationImpl(); + tslConfig.setEuTslURL(moaSPTslConfig.getEuTSLUrl()); + tslConfig.setTslWorkingDirectory(moaSPTslConfig.getWorkingDirectory()); + tslConfig.setNetworkReadTimeout(config.getReadTimeout() / 1000); - Logger.info(new LogMsg(msg.getMessage("config.41", null))); - TSLServiceFactory.initialize(tslConfig); - Logger.info("TSL-Service client initialization finished"); + Logger.info(new LogMsg(msg.getMessage("config.41", null))); + TSLServiceFactory.initialize(tslConfig); + Logger.info("TSL-Service client initialization finished"); - //initialize TSL Update Task - initTSLUpdateTask(moaSPTslConfig); + //initialize TSL Update Task + initTSLUpdateTask(moaSPTslConfig); } + Logger.info("Building IAIK-MOA configuration ... "); + new IaikConfigurator().configure(config); + runInitializer(config); Logger.info(new LogMsg(msg.getMessage("init.01", null))); diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java index 1508b42..c0beced 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java @@ -361,25 +361,27 @@ public class CMSSignatureVerificationInvoker { String issuerCountryCode = null; // QC/SSCD check + + if (cmsResult.getCertificateValidationResult() != null) { + List list = cmsResult.getCertificateValidationResult().getCertificateChain(); + if (list != null) { + X509Certificate[] chain = new X509Certificate[list.size()]; + + Iterator it = list.iterator(); + int i = 0; + while (it.hasNext()) { + chain[i] = (X509Certificate) it.next(); + i++; + } - List list = cmsResult.getCertificateValidationResult().getCertificateChain(); - if (list != null) { - X509Certificate[] chain = new X509Certificate[list.size()]; - - Iterator it = list.iterator(); - int i = 0; - while (it.hasNext()) { - chain[i] = (X509Certificate) it.next(); - i++; - } - - qcsscdresult = CertificateUtils.checkQCSSCD(chain, cmsResult.getSigningTime(), trustProfile.isTSLEnabled(), ConfigurationProvider.getInstance()); + qcsscdresult = CertificateUtils.checkQCSSCD(chain, cmsResult.getSigningTime(), trustProfile.isTSLEnabled(), ConfigurationProvider.getInstance()); - // get signer certificate issuer country code - issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0)); + // get signer certificate issuer country code + issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0)); + } } - + responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults, extCheckResult, qcsscdresult.getTslInfos()); diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java index 5ada287..f4121b0 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java @@ -151,28 +151,33 @@ public class VerifyCMSSignatureResponseBuilder { result.getCertificateValidationResult(); int signatureCheckCode = result.getSignatureValueVerificationCode().intValue(); - int certificateCheckCode = certResult.getValidationResultCode().intValue(); - + VerifyCMSSignatureResponseElement responseElement; - SignerInfo signerInfo; + SignerInfo signerInfo = null; CheckResult signatureCheck; CheckResult certificateCheck; boolean qualifiedCertificate = checkQC; - // add SignerInfo element - signerInfo = - factory.createSignerInfo( - (X509Certificate) certResult.getCertificateChain().get(0), - qualifiedCertificate, - qcSourceTSL, - certResult.isPublicAuthorityCertificate(), - certResult.getPublicAuthorityID(), - checkSSCD, - sscdSourceTSL, - issuerCountryCode, - result.getSigningTime(), - tslInfos); + //set code 99 if not certcheckresult exists + int certificateCheckCode = 99; + if (certResult != null) { + certificateCheckCode = certResult.getValidationResultCode().intValue(); + + // add SignerInfo element + signerInfo = + factory.createSignerInfo( + (X509Certificate) certResult.getCertificateChain().get(0), + qualifiedCertificate, + qcSourceTSL, + certResult.isPublicAuthorityCertificate(), + certResult.getPublicAuthorityID(), + checkSSCD, + sscdSourceTSL, + issuerCountryCode, + result.getSigningTime(), + tslInfos); + } // add SignatureCheck element signatureCheck = factory.createCheckResult(signatureCheckCode, null); diff --git a/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl b/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl index 2bcadc6..f822a52 100644 --- a/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl +++ b/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl @@ -1,65 +1,56 @@ <?xml version="1.0" encoding="UTF-8"?>
<!-- Web Service Description for MOA SP/SS 1.4 -->
-<definitions xmlns="http://schemas.xmlsoap.org/wsdl/"
- xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#"
- xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
- xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#"
- xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- name="MOA" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
- <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"
- location="../schemas/MOA-SPSS-2.0.0.xsd" />
+<definitions xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="MOA" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" location="../schemas/MOA-SPSS-3.0.0.xsd"/>
<message name="CreateCMSSignatureInput">
- <part name="body" element="moa:CreateCMSSignatureRequest" />
+ <part name="body" element="moa:CreateCMSSignatureRequest"/>
</message>
<message name="CreateCMSSignatureOutput">
- <part name="body" element="moa:CreateCMSSignatureResponse" />
+ <part name="body" element="moa:CreateCMSSignatureResponse"/>
</message>
- <!-- message name="CreatePDFSignatureInput"> <part name="body" element="moa:CreatePDFSignatureRequest"/>
- </message> <message name="CreatePDFSignatureOutput"> <part name="body" element="moa:CreatePDFSignatureResponse"/>
- </message -->
<message name="CreateXMLSignatureInput">
- <part name="body" element="moa:CreateXMLSignatureRequest" />
+ <part name="body" element="moa:CreateXMLSignatureRequest"/>
</message>
<message name="CreateXMLSignatureOutput">
- <part name="body" element="moa:CreateXMLSignatureResponse" />
+ <part name="body" element="moa:CreateXMLSignatureResponse"/>
</message>
<message name="VerifyCMSSignatureInput">
- <part name="body" element="moa:VerifyCMSSignatureRequest" />
+ <part name="body" element="moa:VerifyCMSSignatureRequest"/>
</message>
<message name="VerifyCMSSignatureOutput">
- <part name="body" element="moa:VerifyCMSSignatureResponse" />
+ <part name="body" element="moa:VerifyCMSSignatureResponse"/>
</message>
<message name="VerifyPDFSignatureInput">
- <part name="body" element="moa:VerifyPDFSignatureRequest" />
+ <part name="body" element="moa:VerifyPDFSignatureRequest"/>
</message>
<message name="VerifyPDFSignatureOutput">
- <part name="body" element="moa:VerifyPDFSignatureResponse" />
+ <part name="body" element="moa:VerifyPDFSignatureResponse"/>
</message>
<message name="VerifyASICSignatureInput">
- <part name="body" element="moa:VerifyASICSignatureRequest" />
+ <part name="body" element="moa:VerifyASICSignatureRequest"/>
</message>
<message name="VerifyASICSignatureOutput">
- <part name="body" element="moa:VerifyASICSignatureResponse" />
+ <part name="body" element="moa:VerifyASICSignatureResponse"/>
</message>
<message name="VerifyXMLSignatureInput">
- <part name="body" element="moa:VerifyXMLSignatureRequest" />
+ <part name="body" element="moa:VerifyXMLSignatureRequest"/>
</message>
<message name="VerifyXMLSignatureOutput">
- <part name="body" element="moa:VerifyXMLSignatureResponse" />
+ <part name="body" element="moa:VerifyXMLSignatureResponse"/>
</message>
<message name="MOAFault">
- <part name="body" element="moa:ErrorResponse" />
+ <part name="body" element="moa:ErrorResponse"/>
</message>
<portType name="SignatureCreationPortType">
<operation name="createXMLSignature">
- <input message="tns:CreateXMLSignatureInput" />
- <output message="tns:CreateXMLSignatureOutput" />
- <fault name="MOAFault" message="tns:MOAFault" />
+ <input message="tns:CreateXMLSignatureInput"/>
+ <output message="tns:CreateXMLSignatureOutput"/>
+ <fault name="MOAFault" message="tns:MOAFault"/>
</operation>
<operation name="createCMSSignature">
- <input message="tns:CreateCMSSignatureInput" />
- <output message="tns:CreateCMSSignatureOutput" />
- <fault name="MOAFault" message="tns:MOAFault" />
+ <input message="tns:CreateCMSSignatureInput"/>
+ <output message="tns:CreateCMSSignatureOutput"/>
+ <fault name="MOAFault" message="tns:MOAFault"/>
</operation>
<!-- operation name="createPDFSignature"> <input message="tns:CreatePDFSignatureInput"/>
<output message="tns:CreatePDFSignatureOutput"/> <fault name="MOAFault" message="tns:MOAFault"/>
@@ -67,52 +58,47 @@ </portType>
<portType name="SignatureVerificationPortType">
<operation name="verifyCMSSignature">
- <input message="tns:VerifyCMSSignatureInput" />
- <output message="tns:VerifyCMSSignatureOutput" />
- <fault name="MOAFault" message="tns:MOAFault" />
+ <input message="tns:VerifyCMSSignatureInput"/>
+ <output message="tns:VerifyCMSSignatureOutput"/>
+ <fault name="MOAFault" message="tns:MOAFault"/>
</operation>
<operation name="verifyXMLSignature">
- <input message="tns:VerifyXMLSignatureInput" />
- <output message="tns:VerifyXMLSignatureOutput" />
- <fault name="MOAFault" message="tns:MOAFault" />
+ <input message="tns:VerifyXMLSignatureInput"/>
+ <output message="tns:VerifyXMLSignatureOutput"/>
+ <fault name="MOAFault" message="tns:MOAFault"/>
</operation>
<operation name="verifyPDFSignature">
- <input message="tns:VerifyPDFSignatureInput" />
- <output message="tns:VerifyPDFSignatureOutput" />
- <fault name="MOAFault" message="tns:MOAFault" />
+ <input message="tns:VerifyPDFSignatureInput"/>
+ <output message="tns:VerifyPDFSignatureOutput"/>
+ <fault name="MOAFault" message="tns:MOAFault"/>
</operation>
<operation name="verifyASICSignature">
- <input message="tns:VerifyASICSignatureInput" />
- <output message="tns:VerifyASICSignatureOutput" />
- <fault name="MOAFault" message="tns:MOAFault" />
+ <input message="tns:VerifyASICSignatureInput"/>
+ <output message="tns:VerifyASICSignatureOutput"/>
+ <fault name="MOAFault" message="tns:MOAFault"/>
</operation>
</portType>
<binding name="SignatureCreationBinding" type="tns:SignatureCreationPortType">
- <soap:binding style="document"
- transport="http://schemas.xmlsoap.org/soap/http" />
+ <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<operation name="createXMLSignature">
- <soap:operation soapAction="urn:CreateXMLSignatureAction" />
+ <soap:operation soapAction="urn:CreateXMLSignatureAction"/>
<input>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</input>
<output>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</output>
<fault name="MOAFault">
<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->
</fault>
</operation>
<operation name="createCMSSignature">
- <soap:operation soapAction="urn:CreateCMSSignatureAction" />
+ <soap:operation soapAction="urn:CreateCMSSignatureAction"/>
<input>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</input>
<output>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</output>
<fault name="MOAFault">
<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->
@@ -126,59 +112,50 @@ <!-- /fault> </operation -->
</binding>
<binding name="SignatureVerificationBinding" type="tns:SignatureVerificationPortType">
- <soap:binding style="document"
- transport="http://schemas.xmlsoap.org/soap/http" />
+ <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<operation name="verifyCMSSignature">
- <soap:operation soapAction="urn:VerifyCMSSignatureAction" />
+ <soap:operation soapAction="urn:VerifyCMSSignatureAction"/>
<input>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</input>
<output>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</output>
<fault name="MOAFault">
<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->
</fault>
</operation>
<operation name="verifyXMLSignature">
- <soap:operation soapAction="urn:VerifyXMLSignatureAction" />
+ <soap:operation soapAction="urn:VerifyXMLSignatureAction"/>
<input>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</input>
<output>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</output>
<fault name="MOAFault">
<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->
</fault>
</operation>
<operation name="verifyPDFSignature">
- <soap:operation soapAction="urn:VerifyPDFSignatureAction" />
+ <soap:operation soapAction="urn:VerifyPDFSignatureAction"/>
<input>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</input>
<output>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</output>
<fault name="MOAFault">
<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->
</fault>
</operation>
<operation name="verifyASICSignature">
- <soap:operation soapAction="urn:VerifyASICSignatureAction" />
+ <soap:operation soapAction="urn:VerifyASICSignatureAction"/>
<input>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</input>
<output>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</output>
<fault name="MOAFault">
<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->
@@ -197,4 +174,7 @@ URL. <soap:address location="http://localhost/moa-spss/services/SignatureVerification"/> -->
</port>
</service>
+ <!-- message name="CreatePDFSignatureInput"> <part name="body" element="moa:CreatePDFSignatureRequest"/>
+ </message> <message name="CreatePDFSignatureOutput"> <part name="body" element="moa:CreatePDFSignatureResponse"/>
+ </message -->
</definitions>
diff --git a/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd b/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd index 4916b89..d4ed4a2 100644 --- a/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd +++ b/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd @@ -300,7 +300,7 @@ </xsd:complexType> <xsd:complexType name="PDFSignatureResultType"> <xsd:sequence> - <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType" minOccurs="0"> <xsd:annotation> <xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as diff --git a/moaSig/moa-sig/src/main/webapp/schemas/MOA-SPSS-3.0.0.xsd b/moaSig/moa-sig/src/main/webapp/schemas/MOA-SPSS-3.0.0.xsd new file mode 100644 index 0000000..d4ed4a2 --- /dev/null +++ b/moaSig/moa-sig/src/main/webapp/schemas/MOA-SPSS-3.0.0.xsd @@ -0,0 +1,813 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- MOA SP/SS 2.0.0 Schema --> +<xsd:schema xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2"> + <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/> + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> + <!--########## Create CMS Signature ### --> + <!--### Create CMS Signature Request ### --> + <xsd:element name="CreateCMSSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="CreateCMSSignatureRequestType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="CreateCMSSignatureRequestType"> + <xsd:sequence> + <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/> + <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Ermöglichung der Stapelsignatur durch + wiederholte Angabe dieses Elements</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="DataObjectInfo"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="CMSDataObjectInfoType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Create CMS Signature Response ### --> + <xsd:element name="CreateCMSSignatureResponse" type="CreateCMSSignatureResponseType"/> + <xsd:complexType name="CreateCMSSignatureResponseType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine + Stapelsignatur-Anfrage</xsd:documentation> + </xsd:annotation> + <xsd:element name="CMSSignature" type="xsd:base64Binary"> + <xsd:annotation> + <xsd:documentation>Resultat, falls die Signaturerstellung + erfolgreich war</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="ErrorResponse"/> + </xsd:choice> + </xsd:complexType> + <!--########## Create XML Signature ### --> + <!--### Create XML Signature Request ### --> + <xsd:element name="CreateXMLSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="CreateXMLSignatureRequestType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="CreateXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/> + <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Ermöglichung der Stapelsignatur durch + wiederholte Angabe dieses Elements</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="DataObjectInfo" maxOccurs="unbounded"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="DataObjectInfoType"> + <xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:element name="CreateSignatureInfo" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/> + <xsd:choice> + <xsd:annotation> + <xsd:documentation>Auswahl: Entweder explizite Angabe des + Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit + der Signaturumgebung, oder Verweis auf ein benanntes Profil + </xsd:documentation> + </xsd:annotation> + <xsd:element ref="CreateSignatureEnvironmentProfile"/> + <xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Create XML Signature Response ### --> + <xsd:complexType name="CreateXMLSignatureResponseType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine + Stapelsignatur-Anfrage</xsd:documentation> + </xsd:annotation> + <xsd:element name="SignatureEnvironment"> + <xsd:annotation> + <xsd:documentation>Resultat, falls die Signaturerstellung + erfolgreich war</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element ref="ErrorResponse"/> + </xsd:choice> + </xsd:complexType> + <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/> + <!--########## Create PDF Signature ### --> + <!--### Create PDF Signature Request ### --> + <xsd:element name="CreatePDFSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="CreatePDFSignatureRequestType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="CreatePDFSignatureRequestType"> + <xsd:sequence> + <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/> + <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Ermöglichung der Stapelsignatur durch + wiederholte Angabe dieses Elements</xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="PDFDocument" type="xsd:base64Binary"/> + <xsd:element name="SignatureProfile" type="xsd:string" minOccurs="0" maxOccurs="1"/> + <xsd:element name="SignaturePosition" type="xsd:string" minOccurs="0" maxOccurs="1"/> + <xsd:element name="SignatureID" type="xsd:string" minOccurs="0" maxOccurs="1"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Create PDF Signature Response ### --> + <xsd:element name="CreatePDFSignatureResponse" type="CreatePDFSignatureResponseType"/> + <xsd:complexType name="CreatePDFSignatureResponseType"> + <xsd:sequence> + <xsd:element name="PDFSignature" type="PDFSignedRepsonse" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Verify CMS Signature ### --> + <!--### Verifiy CMS Signature Request ### --> + <xsd:element name="VerifyCMSSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="VerifyCMSSignatureRequestType"> + <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="VerifyCMSSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/> + <xsd:element name="CMSSignature" type="xsd:base64Binary"/> + <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/> + <xsd:element name="TrustProfileID" type="xsd:token"> + <xsd:annotation> + <xsd:documentation>mit diesem Profil wird eine Menge von + vertrauenswürdigen Wurzelzertifikaten spezifiziert + </xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Verify CMS Signature Response ### --> + <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/> + <xsd:complexType name="VerifyCMSSignatureResponseType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> + <xsd:annotation> + <xsd:documentation>only ds:X509Data and RetrievalMethod is + supported; QualifiedCertificate is included as + X509Data/any;publicAuthority is included as X509Data/any; + SecureSignatureCreationDevice is included as X509Data/any, + IssuingCountry is included as X509Data/any</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="SignatureCheck" type="CheckResultType"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="VerifyASICCMSSignatureResponseType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> + <xsd:annotation> + <xsd:documentation>only ds:X509Data and RetrievalMethod is + supported; QualifiedCertificate is included as + X509Data/any;publicAuthority is included as X509Data/any; + SecureSignatureCreationDevice is included as X509Data/any, + IssuingCountry is included as X509Data/any, + TSLInformation is included as X509Data/any</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="SignatureCheck" type="CheckResultType"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Verify PDF Signature ### --> + <!--### Verifiy PDF Signature Request ### --> + <xsd:element name="VerifyPDFSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="VerifyPDFSignatureRequestType"> + <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="VerifyPDFSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/> + <xsd:element name="PDFSignature" type="xsd:base64Binary"/> + <xsd:element name="TrustProfileID" type="xsd:token"> + <xsd:annotation> + <xsd:documentation>mit diesem Profil wird eine Menge von + vertrauenswürdigen Wurzelzertifikaten spezifiziert + </xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--########## Verify PDF Signature ### --> + <!--### Verifiy ASIC Signature Request ### --> + <xsd:element name="VerifyASICSignatureRequest"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="VerifyASICSignatureRequestType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:complexType name="VerifyASICSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/> + <xsd:element name="ASICSignature" type="xsd:base64Binary"/> + <xsd:element name="ASICExtension" type="xsd:string"> + <xsd:annotation> + <xsd:documentation>asics or asice</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="TrustProfileID" type="xsd:token"> + <xsd:annotation> + <xsd:documentation>mit diesem Profil wird eine Menge von + vertrauenswürdigen Wurzelzertifikaten spezifiziert + </xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Verify ASIC Signature Response ### --> + <xsd:element name="VerifyASICSignatureResponse" type="VerifyASICSignatureResponseType"/> + <xsd:complexType name="VerifyASICSignatureResponseType"> + <xsd:sequence> + <xsd:element name="ASiCSignatureResult" type="ASICResultType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ASICResultType"> + <xsd:sequence> + <xsd:element name="signedFiles" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="XMLSignatureResult" type="VerifyASICXMLSignatureResponseType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CMSSignatureResult" type="VerifyASICCMSSignatureResponseType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <!--### Verify CMS Signature Response ### --> + <xsd:element name="VerifyPDFSignatureResponse" type="VerifyPDFSignatureResponseType"/> + <xsd:complexType name="VerifyPDFSignatureResponseType"> + <xsd:sequence maxOccurs="unbounded"> + <xsd:element name="SignatureResult" type="PDFSignatureResultType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="PDFSignatureResultType"> + <xsd:sequence> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType" minOccurs="0"> + <xsd:annotation> + <xsd:documentation>only ds:X509Data and RetrievalMethod is + supported; QualifiedCertificate is included as + X509Data/any;publicAuthority is included as X509Data/any; + SecureSignatureCreationDevice is included as X509Data/any, + IssuingCountry is included as X509Data/any</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="SignatureCheck" type="CheckResultType"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Verify XML Signature ### --> + <!--### Verify XML Signature Request ### --> + <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/> + <xsd:complexType name="VerifyXMLSignatureRequestType"> + <xsd:sequence> + <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/> + <xsd:element name="VerifySignatureInfo"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/> + <xsd:element name="VerifySignatureLocation" type="xsd:token"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:choice minOccurs="0" maxOccurs="unbounded"> + <xsd:element ref="SupplementProfile"/> + <xsd:element name="SupplementProfileID" type="xsd:string"/> + </xsd:choice> + <xsd:element name="SignatureManifestCheckParams" minOccurs="0"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Pro dsig:Reference-Element in der zu + überprüfenden XML-Signatur muss hier ein + ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen + ReferenceInfo Elemente entspricht jener der dsig:Reference + Elemente in der XML-Signatur.</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/> + </xsd:complexType> + </xsd:element> + <xsd:element name="ReturnHashInputData" minOccurs="0"/> + <xsd:element name="TrustProfileID" type="xsd:token"> + <xsd:annotation> + <xsd:documentation>mit diesem Profil wird eine Menge von + vertrauenswürdigen Wurzelzertifikaten spezifiziert + </xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + <!--### Verify XML Signature Response ### --> + <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/> + <xsd:complexType name="VerifyXMLSignatureResponseType"> + <xsd:sequence> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> + <xsd:annotation> + <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is + supported; QualifiedCertificate is included as X509Data/any; + PublicAuthority is included as X509Data/any; + SecureSignatureCreationDevice is included as X509Data/any, + IssuingCountry is included as X509Data/any</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/> + <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/> + <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="VerifyASICXMLSignatureResponseType"> + <xsd:sequence> + <xsd:element name="SignerInfo" type="dsig:KeyInfoType"> + <xsd:annotation> + <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is + supported; QualifiedCertificate is included as X509Data/any; + PublicAuthority is included as X509Data/any; + SecureSignatureCreationDevice is included as X509Data/any, + IssuingCountry is included as X509Data/any</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/> + <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/> + <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/> + <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="CertificateCheck" type="CheckResultType"/> + <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="ProfileIdentifierType"> + <xsd:restriction base="xsd:token"/> + </xsd:simpleType> + <xsd:complexType name="InputDataType"> + <xsd:complexContent> + <xsd:extension base="ContentExLocRefBaseType"> + <xsd:attribute name="PartOf" use="optional" default="SignedInfo"> + <xsd:simpleType> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="SignedInfo"/> + <xsd:enumeration value="XMLDSIGManifest"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + <xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="MetaInfoType"> + <xsd:sequence> + <xsd:element name="MimeType" type="MimeTypeType"/> + <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/> + <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="FinalDataMetaInfoType"> + <xsd:complexContent> + <xsd:extension base="MetaInfoType"> + <xsd:sequence> + <xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/> + </xsd:sequence> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="DataObjectInfoType"> + <xsd:sequence> + <xsd:element name="DataObject"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="ContentOptionalRefType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + <xsd:choice> + <xsd:annotation> + <xsd:documentation>Auswahl: Entweder explizite Angabe EINER + Transformationskette inklusive ggf. sinnvoller Supplements oder + Verweis auf ein benanntes Profil</xsd:documentation> + </xsd:annotation> + <xsd:element ref="CreateTransformsInfoProfile"/> + <xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/> + </xsd:choice> + </xsd:sequence> + <xsd:attribute name="Structure" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="detached"/> + <xsd:enumeration value="enveloping"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="CMSDataObjectInfoType"> + <xsd:sequence> + <xsd:element name="DataObject"> + <xsd:complexType> + <xsd:complexContent> + <xsd:extension base="CMSDataObjectRequiredMetaType"/> + </xsd:complexContent> + </xsd:complexType> + </xsd:element> + </xsd:sequence> + <xsd:attribute name="Structure" use="required"> + <xsd:simpleType> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="detached"/> + <xsd:enumeration value="enveloping"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + <xsd:complexType name="TransformsInfoType"> + <xsd:sequence> + <xsd:element ref="dsig:Transforms" minOccurs="0"/> + <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="XMLDataObjectAssociationType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="ContentRequiredRefType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="PDFSignedRepsonse"> + <xsd:sequence> + <xsd:element name="SignatureID" type="xsd:string" minOccurs="0" maxOccurs="1"/> + <xsd:choice maxOccurs="1"> + <xsd:element name="PDFSignature" type="xsd:base64Binary"> + <xsd:annotation> + <xsd:documentation>Resultat, falls die Signaturerstellung + erfolgreich war</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element ref="ErrorResponse"/> + </xsd:choice> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSDataObjectOptionalMetaType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/> + <xsd:element name="Content" type="CMSContentBaseType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSDataObjectRequiredMetaType"> + <xsd:sequence> + <xsd:element name="MetaInfo" type="MetaInfoType"/> + <xsd:element name="Content" type="CMSContentBaseType"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="CMSContentBaseType"> + <xsd:complexContent> + <xsd:restriction base="ContentOptionalRefType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + </xsd:choice> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="FormResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger" minOccurs="1" maxOccurs="1"/> + <xsd:element name="Name" type="xsd:string" minOccurs="1" maxOccurs="1"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="IndicationResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger" minOccurs="1" maxOccurs="1"/> + <xsd:element name="Name" type="xsd:string" minOccurs="1" maxOccurs="1"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ExtendedCertificateCheckResultType"> + <xsd:sequence> + <xsd:element name="Major" type="IndicationResultType" minOccurs="1" maxOccurs="1"/> + <xsd:element name="Minor" type="IndicationResultType" minOccurs="0" maxOccurs="1"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultType"> + <xsd:complexContent> + <xsd:restriction base="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true"> + <xsd:complexContent> + <xsd:restriction base="AnyChildrenType"> + <xsd:sequence> + <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultType"> + <xsd:complexContent> + <xsd:restriction base="CheckResultType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:nonNegativeInteger"/> + <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true"> + <xsd:complexContent> + <xsd:restriction base="AnyChildrenType"> + <xsd:sequence> + <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/> + <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/> + </xsd:sequence> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <!--########## Error Response ### --> + <xsd:element name="ErrorResponse" type="ErrorResponseType"> + <xsd:annotation> + <xsd:documentation>Resultat, falls die Signaturerstellung gescheitert + ist</xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:complexType name="ErrorResponseType"> + <xsd:sequence> + <xsd:element name="ErrorCode" type="xsd:integer"/> + <xsd:element name="Info" type="xsd:string"/> + </xsd:sequence> + </xsd:complexType> + <!--########## Auxiliary Types ### --> + <xsd:simpleType name="KeyIdentifierType"> + <xsd:restriction base="xsd:string"/> + </xsd:simpleType> + <xsd:simpleType name="KeyStorageType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="Software"/> + <xsd:enumeration value="Hardware"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:simpleType name="MimeTypeType"> + <xsd:restriction base="xsd:token"/> + </xsd:simpleType> + <xsd:complexType name="AnyChildrenType" mixed="true"> + <xsd:sequence> + <xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + <xsd:complexType name="XMLContentType" mixed="true"> + <xsd:complexContent> + <xsd:extension base="AnyChildrenType"> + <xsd:attribute ref="xml:space" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentBaseType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + <xsd:element name="LocRefContent" type="xsd:anyURI"/> + </xsd:choice> + </xsd:complexType> + <xsd:complexType name="ContentExLocRefBaseType"> + <xsd:complexContent> + <xsd:restriction base="ContentBaseType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + </xsd:choice> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentOptionalRefType"> + <xsd:complexContent> + <xsd:extension base="ContentBaseType"> + <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/> + </xsd:extension> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="ContentRequiredRefType"> + <xsd:complexContent> + <xsd:restriction base="ContentOptionalRefType"> + <xsd:choice minOccurs="0"> + <xsd:element name="Base64Content" type="xsd:base64Binary"/> + <xsd:element name="XMLContent" type="XMLContentType"/> + <xsd:element name="LocRefContent" type="xsd:anyURI"/> + </xsd:choice> + <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/> + </xsd:restriction> + </xsd:complexContent> + </xsd:complexType> + <xsd:complexType name="VerifyTransformsDataType"> + <xsd:choice maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Ein oder mehrere Transformationswege können von + der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur + hat zumindest einem dieser Transformationswege zu entsprechen. Die + Angabe kann explizit oder als Profilbezeichner erfolgen. + </xsd:documentation> + </xsd:annotation> + <xsd:element ref="VerifyTransformsInfoProfile"/> + <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string"> + <xsd:annotation> + <xsd:documentation>Profilbezeichner für einen Transformationsweg + </xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:choice> + </xsd:complexType> + <xsd:element name="QualifiedCertificate"> + <xsd:complexType> + <xsd:attribute name="source" use="optional"> + <xsd:simpleType> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="TSL"/> + <xsd:enumeration value="Certificate"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + </xsd:element> + <xsd:element name="SecureSignatureCreationDevice"> + <xsd:complexType> + <xsd:attribute name="source" use="optional"> + <xsd:simpleType> + <xsd:restriction base="xsd:token"> + <xsd:enumeration value="TSL"/> + <xsd:enumeration value="Certificate"/> + </xsd:restriction> + </xsd:simpleType> + </xsd:attribute> + </xsd:complexType> + </xsd:element> + <xsd:element name="IssuingCountry" type="xsd:token"/> + <xsd:element name="PublicAuthority" type="PublicAuthorityType"/> + <xsd:complexType name="PublicAuthorityType"> + <xsd:sequence> + <xsd:element name="Code" type="xsd:string" minOccurs="0"/> + </xsd:sequence> + </xsd:complexType> + <xsd:simpleType name="SignatoriesType"> + <xsd:union memberTypes="AllSignatoriesType"> + <xsd:simpleType> + <xsd:list itemType="xsd:positiveInteger"/> + </xsd:simpleType> + </xsd:union> + </xsd:simpleType> + <xsd:simpleType name="AllSignatoriesType"> + <xsd:restriction base="xsd:string"> + <xsd:enumeration value="all"/> + </xsd:restriction> + </xsd:simpleType> + <xsd:complexType name="CreateSignatureLocationType"> + <xsd:simpleContent> + <xsd:extension base="xsd:token"> + <xsd:attribute name="Index" type="xsd:integer" use="required"/> + </xsd:extension> + </xsd:simpleContent> + </xsd:complexType> + <xsd:complexType name="TransformParameterType"> + <xsd:choice minOccurs="0"> + <xsd:annotation> + <xsd:documentation>Die Angabe des Transformationsparameters + (explizit oder als Hashwert) kann unterlassen werden, wenn die + Applikation von der Unveränderlichkeit des Inhalts der in + "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen + kann.</xsd:documentation> + </xsd:annotation> + <xsd:element name="Base64Content" type="xsd:base64Binary"> + <xsd:annotation> + <xsd:documentation>Der Transformationsparameter explizit angegeben. + </xsd:documentation> + </xsd:annotation> + </xsd:element> + <xsd:element name="Hash"> + <xsd:annotation> + <xsd:documentation>Der Hashwert des Transformationsparameters. + </xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="dsig:DigestMethod"/> + <xsd:element ref="dsig:DigestValue"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + </xsd:choice> + <xsd:attribute name="URI" type="xsd:anyURI" use="required"/> + </xsd:complexType> + <xsd:element name="CreateSignatureEnvironmentProfile"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/> + <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="VerifyTransformsInfoProfile"> + <xsd:annotation> + <xsd:documentation>Explizite Angabe des Transformationswegs + </xsd:documentation> + </xsd:annotation> + <xsd:complexType> + <xsd:sequence> + <xsd:element ref="dsig:Transforms" minOccurs="0"/> + <xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded"> + <xsd:annotation> + <xsd:documentation>Alle impliziten Transformationsparameter, die + zum Durchlaufen der oben angeführten Transformationskette + bekannt sein müssen, müssen hier angeführt werden. Das + Attribut "URI" bezeichnet den Transformationsparameter in exakt + jener Weise, wie er in der zu überprüfenden Signatur gebraucht + wird.</xsd:documentation> + </xsd:annotation> + </xsd:element> + </xsd:sequence> + </xsd:complexType> + </xsd:element> + <xsd:element name="Supplement" type="XMLDataObjectAssociationType"/> + <xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/> + <xsd:element name="CreateTransformsInfoProfile"> + <xsd:complexType> + <xsd:sequence> + <xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/> + <xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/> + </xsd:sequence> + </xsd:complexType> + </xsd:element> +</xsd:schema> |