Merge branch 'master' of https://gitlab.iaik.tugraz.at/egiz/moa-sig

9 files changed, 951 insertions, 141 deletions

diff --git a/moaSig/build.gradle b/moaSig/build.gradle
index 808a960..247bf08 100644
--- a/moaSig/build.gradle
+++ b/moaSig/build.gradle
@@ -21,7 +21,7 @@ subprojects {
         testCompile 'junit:junit:4.8.2'
     }
 
-    version = '3.1.0-RC3'
+    version = '3.1.0-RC5'
 
     jar { manifest.attributes provider: 'EGIZ', 'Specification-Version': getCheckedOutGitCommitHash(), 'Implementation-Version': project.version  }
 }
diff --git a/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd b/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd
index 4916b89..d4ed4a2 100644
--- a/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd
+++ b/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd
@@ -300,7 +300,7 @@
 	</xsd:complexType>
 	<xsd:complexType name="PDFSignatureResultType">
 		<xsd:sequence>
-			<xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+			<xsd:element name="SignerInfo" type="dsig:KeyInfoType" minOccurs="0">
 				<xsd:annotation>
 					<xsd:documentation>only ds:X509Data and RetrievalMethod is
 						supported; QualifiedCertificate is included as
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java
index 98b54a3..0ca6f8f 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java
@@ -36,6 +36,7 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElemen
 import at.gv.egovernment.moa.spss.api.common.CheckResult;
 import at.gv.egovernment.moa.spss.api.common.SignerInfo;
 import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults;
+import at.gv.egovernment.moaspss.logging.Logger;
 
 /**
  * Convert a <code>VerifyCMSSignatureResponse</code> API object into its
@@ -104,22 +105,28 @@ public class VerifyPDFSignatureResponseBuilder {
     CheckResult signatureCheck = responseElement.getSignatureCheck();
     CheckResult certCheck = responseElement.getCertificateCheck();
     
-    ResponseBuilderUtils.addSignerInfo(
-      responseDoc,
-      responseElem,
-      signerInfo.getSignerCertificate(),
-      signerInfo.isQualifiedCertificate(),
-      signerInfo.getQCSource(),
-      signerInfo.isPublicAuthority(),
-      signerInfo.getPublicAuhtorityID(),
-      signerInfo.isSSCD(),
-      signerInfo.getSSCDSource(),
-      signerInfo.getIssuerCountryCode(),
-      signerInfo.getTslInfos());
-
-      ResponseBuilderUtils.addSigningTime(responseDoc,
-              responseElem,
-              signerInfo.getSigningTime());
+    if (signerInfo != null) {
+	    ResponseBuilderUtils.addSignerInfo(
+	      responseDoc,
+	      responseElem,
+	      signerInfo.getSignerCertificate(),
+	      signerInfo.isQualifiedCertificate(),
+	      signerInfo.getQCSource(),
+	      signerInfo.isPublicAuthority(),
+	      signerInfo.getPublicAuhtorityID(),
+	      signerInfo.isSSCD(),
+	      signerInfo.getSSCDSource(),
+	      signerInfo.getIssuerCountryCode(),
+	      signerInfo.getTslInfos());
+	
+	      ResponseBuilderUtils.addSigningTime(responseDoc,
+	              responseElem,
+	              signerInfo.getSigningTime());
+	      
+    } else {
+    	Logger.info("Find signature result with no 'SignerInfo'. Maybe a signature verification Failed");
+    	
+    }
 
     ResponseBuilderUtils.addCodeInfoElement(
       responseDoc,
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
index 295e861..0e592f0 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
@@ -143,27 +143,30 @@ public class SystemInitializer {
     
     // initialize configuration
     try {
-      ConfigurationProvider config = ConfigurationProvider.getInstance();
-      Logger.info("Building ConfigurationData");
-      ConfigurationData configData = new IaikConfigurator().configure(config);
+    	Logger.info("Initialize MOA-SP/SS configuration ... ");
+    	ConfigurationProvider config = ConfigurationProvider.getInstance();
                   
-      //initialize TSL module
-      TSLConfiguration moaSPTslConfig = config.getTSLConfiguration();      
-      if (moaSPTslConfig != null) {
-    	  TslConfigurationImpl tslConfig = new TslConfigurationImpl();
-    	  tslConfig.setEuTslURL(moaSPTslConfig.getEuTSLUrl());
-    	  tslConfig.setTslWorkingDirectory(moaSPTslConfig.getWorkingDirectory());
-    	  tslConfig.setNetworkReadTimeout(config.getReadTimeout() / 1000);
+    	//initialize TSL module
+    	TSLConfiguration moaSPTslConfig = config.getTSLConfiguration();      
+    	if (moaSPTslConfig != null) {
+    		Logger.debug("Starting TSL-Service initialization ... ");
+    		TslConfigurationImpl tslConfig = new TslConfigurationImpl();
+    		tslConfig.setEuTslURL(moaSPTslConfig.getEuTSLUrl());
+    		tslConfig.setTslWorkingDirectory(moaSPTslConfig.getWorkingDirectory());
+    		tslConfig.setNetworkReadTimeout(config.getReadTimeout() / 1000);
     	  
-    	  Logger.info(new LogMsg(msg.getMessage("config.41", null)));
-    	  TSLServiceFactory.initialize(tslConfig);    	  
-    	  Logger.info("TSL-Service client initialization finished");
+    		Logger.info(new LogMsg(msg.getMessage("config.41", null)));
+    		TSLServiceFactory.initialize(tslConfig);    	  
+    		Logger.info("TSL-Service client initialization finished");
     	            
-          //initialize TSL Update Task
-          initTSLUpdateTask(moaSPTslConfig);
+    		//initialize TSL Update Task
+    		initTSLUpdateTask(moaSPTslConfig);
     	   
       	}
       
+        Logger.info("Building IAIK-MOA configuration ... ");
+        new IaikConfigurator().configure(config);
+    	
       	runInitializer(config);      
       	Logger.info(new LogMsg(msg.getMessage("init.01", null)));
       	
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
index 1508b42..c0beced 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
@@ -361,25 +361,27 @@ public class CMSSignatureVerificationInvoker {
 
 		String issuerCountryCode = null;
 		// QC/SSCD check
+	
+		if (cmsResult.getCertificateValidationResult() != null) {	
+			List list = cmsResult.getCertificateValidationResult().getCertificateChain();
+			if (list != null) {
+				X509Certificate[] chain = new X509Certificate[list.size()];
+
+				Iterator it = list.iterator();
+				int i = 0;
+				while (it.hasNext()) {
+					chain[i] = (X509Certificate) it.next();
+					i++;
+				}
 
-		List list = cmsResult.getCertificateValidationResult().getCertificateChain();
-		if (list != null) {
-			X509Certificate[] chain = new X509Certificate[list.size()];
-
-			Iterator it = list.iterator();
-			int i = 0;
-			while (it.hasNext()) {
-				chain[i] = (X509Certificate) it.next();
-				i++;
-			}
-
-			qcsscdresult = CertificateUtils.checkQCSSCD(chain, cmsResult.getSigningTime(), trustProfile.isTSLEnabled(), ConfigurationProvider.getInstance());
+				qcsscdresult = CertificateUtils.checkQCSSCD(chain, cmsResult.getSigningTime(), trustProfile.isTSLEnabled(), ConfigurationProvider.getInstance());
 
-			// get signer certificate issuer country code
-			issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0));
+				// get signer certificate issuer country code
+				issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0));
 
+			}
 		}
-
+		
 		responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(),
 				qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults, 
 				extCheckResult, qcsscdresult.getTslInfos());
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
index 5ada287..f4121b0 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
@@ -151,28 +151,33 @@ public class VerifyCMSSignatureResponseBuilder {
       result.getCertificateValidationResult();
     int signatureCheckCode =
       result.getSignatureValueVerificationCode().intValue();
-    int certificateCheckCode = certResult.getValidationResultCode().intValue();
-         
+    
     VerifyCMSSignatureResponseElement responseElement;
-    SignerInfo signerInfo;
+    SignerInfo signerInfo = null;
     CheckResult signatureCheck;
     CheckResult certificateCheck;
 
     boolean qualifiedCertificate = checkQC;
     
-    // add SignerInfo element
-    signerInfo =
-      factory.createSignerInfo(
-        (X509Certificate) certResult.getCertificateChain().get(0),
-        qualifiedCertificate,
-        qcSourceTSL,
-        certResult.isPublicAuthorityCertificate(),
-        certResult.getPublicAuthorityID(),
-        checkSSCD,
-        sscdSourceTSL,
-        issuerCountryCode,
-        result.getSigningTime(),
-        tslInfos);
+    //set code 99 if not certcheckresult exists
+    int certificateCheckCode = 99;
+    if (certResult != null) {
+    	certificateCheckCode = certResult.getValidationResultCode().intValue();
+           
+    	// add SignerInfo element
+    	signerInfo =
+    			factory.createSignerInfo(
+    					(X509Certificate) certResult.getCertificateChain().get(0),
+    					qualifiedCertificate,
+    					qcSourceTSL,
+    					certResult.isPublicAuthorityCertificate(),
+    					certResult.getPublicAuthorityID(),
+    					checkSSCD,
+    					sscdSourceTSL,
+    					issuerCountryCode,
+    					result.getSigningTime(),
+    					tslInfos);
+    }
 
     // add SignatureCheck element
     signatureCheck = factory.createCheckResult(signatureCheckCode, null);
diff --git a/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl b/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl
index 2bcadc6..f822a52 100644
--- a/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl
+++ b/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl
@@ -1,65 +1,56 @@
 <?xml version="1.0" encoding="UTF-8"?>

 <!-- Web Service Description for MOA SP/SS 1.4 -->

-<definitions xmlns="http://schemas.xmlsoap.org/wsdl/"

-	xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#"

-	xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"

-	xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#"

-	xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

-	name="MOA" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">

-	<import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"

-		location="../schemas/MOA-SPSS-2.0.0.xsd" />

+<definitions xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="MOA" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">

+	<import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" location="../schemas/MOA-SPSS-3.0.0.xsd"/>

 	<message name="CreateCMSSignatureInput">

-		<part name="body" element="moa:CreateCMSSignatureRequest" />

+		<part name="body" element="moa:CreateCMSSignatureRequest"/>

 	</message>

 	<message name="CreateCMSSignatureOutput">

-		<part name="body" element="moa:CreateCMSSignatureResponse" />

+		<part name="body" element="moa:CreateCMSSignatureResponse"/>

 	</message>

-	<!-- message name="CreatePDFSignatureInput"> <part name="body" element="moa:CreatePDFSignatureRequest"/> 

-		</message> <message name="CreatePDFSignatureOutput"> <part name="body" element="moa:CreatePDFSignatureResponse"/> 

-		</message -->

 	<message name="CreateXMLSignatureInput">

-		<part name="body" element="moa:CreateXMLSignatureRequest" />

+		<part name="body" element="moa:CreateXMLSignatureRequest"/>

 	</message>

 	<message name="CreateXMLSignatureOutput">

-		<part name="body" element="moa:CreateXMLSignatureResponse" />

+		<part name="body" element="moa:CreateXMLSignatureResponse"/>

 	</message>

 	<message name="VerifyCMSSignatureInput">

-		<part name="body" element="moa:VerifyCMSSignatureRequest" />

+		<part name="body" element="moa:VerifyCMSSignatureRequest"/>

 	</message>

 	<message name="VerifyCMSSignatureOutput">

-		<part name="body" element="moa:VerifyCMSSignatureResponse" />

+		<part name="body" element="moa:VerifyCMSSignatureResponse"/>

 	</message>

 	<message name="VerifyPDFSignatureInput">

-		<part name="body" element="moa:VerifyPDFSignatureRequest" />

+		<part name="body" element="moa:VerifyPDFSignatureRequest"/>

 	</message>

 	<message name="VerifyPDFSignatureOutput">

-		<part name="body" element="moa:VerifyPDFSignatureResponse" />

+		<part name="body" element="moa:VerifyPDFSignatureResponse"/>

 	</message>

 	<message name="VerifyASICSignatureInput">

-		<part name="body" element="moa:VerifyASICSignatureRequest" />

+		<part name="body" element="moa:VerifyASICSignatureRequest"/>

 	</message>

 	<message name="VerifyASICSignatureOutput">

-		<part name="body" element="moa:VerifyASICSignatureResponse" />

+		<part name="body" element="moa:VerifyASICSignatureResponse"/>

 	</message>

 	<message name="VerifyXMLSignatureInput">

-		<part name="body" element="moa:VerifyXMLSignatureRequest" />

+		<part name="body" element="moa:VerifyXMLSignatureRequest"/>

 	</message>

 	<message name="VerifyXMLSignatureOutput">

-		<part name="body" element="moa:VerifyXMLSignatureResponse" />

+		<part name="body" element="moa:VerifyXMLSignatureResponse"/>

 	</message>

 	<message name="MOAFault">

-		<part name="body" element="moa:ErrorResponse" />

+		<part name="body" element="moa:ErrorResponse"/>

 	</message>

 	<portType name="SignatureCreationPortType">

 		<operation name="createXMLSignature">

-			<input message="tns:CreateXMLSignatureInput" />

-			<output message="tns:CreateXMLSignatureOutput" />

-			<fault name="MOAFault" message="tns:MOAFault" />

+			<input message="tns:CreateXMLSignatureInput"/>

+			<output message="tns:CreateXMLSignatureOutput"/>

+			<fault name="MOAFault" message="tns:MOAFault"/>

 		</operation>

 		<operation name="createCMSSignature">

-			<input message="tns:CreateCMSSignatureInput" />

-			<output message="tns:CreateCMSSignatureOutput" />

-			<fault name="MOAFault" message="tns:MOAFault" />

+			<input message="tns:CreateCMSSignatureInput"/>

+			<output message="tns:CreateCMSSignatureOutput"/>

+			<fault name="MOAFault" message="tns:MOAFault"/>

 		</operation>

 		<!-- operation name="createPDFSignature"> <input message="tns:CreatePDFSignatureInput"/> 

 			<output message="tns:CreatePDFSignatureOutput"/> <fault name="MOAFault" message="tns:MOAFault"/> 

@@ -67,52 +58,47 @@
 	</portType>

 	<portType name="SignatureVerificationPortType">

 		<operation name="verifyCMSSignature">

-			<input message="tns:VerifyCMSSignatureInput" />

-			<output message="tns:VerifyCMSSignatureOutput" />

-			<fault name="MOAFault" message="tns:MOAFault" />

+			<input message="tns:VerifyCMSSignatureInput"/>

+			<output message="tns:VerifyCMSSignatureOutput"/>

+			<fault name="MOAFault" message="tns:MOAFault"/>

 		</operation>

 		<operation name="verifyXMLSignature">

-			<input message="tns:VerifyXMLSignatureInput" />

-			<output message="tns:VerifyXMLSignatureOutput" />

-			<fault name="MOAFault" message="tns:MOAFault" />

+			<input message="tns:VerifyXMLSignatureInput"/>

+			<output message="tns:VerifyXMLSignatureOutput"/>

+			<fault name="MOAFault" message="tns:MOAFault"/>

 		</operation>

 		<operation name="verifyPDFSignature">

-			<input message="tns:VerifyPDFSignatureInput" />

-			<output message="tns:VerifyPDFSignatureOutput" />

-			<fault name="MOAFault" message="tns:MOAFault" />

+			<input message="tns:VerifyPDFSignatureInput"/>

+			<output message="tns:VerifyPDFSignatureOutput"/>

+			<fault name="MOAFault" message="tns:MOAFault"/>

 		</operation>

 		<operation name="verifyASICSignature">

-			<input message="tns:VerifyASICSignatureInput" />

-			<output message="tns:VerifyASICSignatureOutput" />

-			<fault name="MOAFault" message="tns:MOAFault" />

+			<input message="tns:VerifyASICSignatureInput"/>

+			<output message="tns:VerifyASICSignatureOutput"/>

+			<fault name="MOAFault" message="tns:MOAFault"/>

 		</operation>

 	</portType>

 	<binding name="SignatureCreationBinding" type="tns:SignatureCreationPortType">

-		<soap:binding style="document"

-			transport="http://schemas.xmlsoap.org/soap/http" />

+		<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>

 		<operation name="createXMLSignature">

-			<soap:operation soapAction="urn:CreateXMLSignatureAction" />

+			<soap:operation soapAction="urn:CreateXMLSignatureAction"/>

 			<input>

-				<soap:body use="literal"

-					namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />

+				<soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>

 			</input>

 			<output>

-				<soap:body use="literal"

-					namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />

+				<soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>

 			</output>

 			<fault name="MOAFault">

 				<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->

 			</fault>

 		</operation>

 		<operation name="createCMSSignature">

-			<soap:operation soapAction="urn:CreateCMSSignatureAction" />

+			<soap:operation soapAction="urn:CreateCMSSignatureAction"/>

 			<input>

-				<soap:body use="literal"

-					namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />

+				<soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>

 			</input>

 			<output>

-				<soap:body use="literal"

-					namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />

+				<soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>

 			</output>

 			<fault name="MOAFault">

 				<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->

@@ -126,59 +112,50 @@
 		<!-- /fault> </operation -->

 	</binding>

 	<binding name="SignatureVerificationBinding" type="tns:SignatureVerificationPortType">

-		<soap:binding style="document"

-			transport="http://schemas.xmlsoap.org/soap/http" />

+		<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>

 		<operation name="verifyCMSSignature">

-			<soap:operation soapAction="urn:VerifyCMSSignatureAction" />

+			<soap:operation soapAction="urn:VerifyCMSSignatureAction"/>

 			<input>

-				<soap:body use="literal"

-					namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />

+				<soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>

 			</input>

 			<output>

-				<soap:body use="literal"

-					namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />

+				<soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>

 			</output>

 			<fault name="MOAFault">

 				<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->

 			</fault>

 		</operation>

 		<operation name="verifyXMLSignature">

-			<soap:operation soapAction="urn:VerifyXMLSignatureAction" />

+			<soap:operation soapAction="urn:VerifyXMLSignatureAction"/>

 			<input>

-				<soap:body use="literal"

-					namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />

+				<soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>

 			</input>

 			<output>

-				<soap:body use="literal"

-					namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />

+				<soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>

 			</output>

 			<fault name="MOAFault">

 				<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->

 			</fault>

 		</operation>

 		<operation name="verifyPDFSignature">

-			<soap:operation soapAction="urn:VerifyPDFSignatureAction" />

+			<soap:operation soapAction="urn:VerifyPDFSignatureAction"/>

 			<input>

-				<soap:body use="literal"

-					namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />

+				<soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>

 			</input>

 			<output>

-				<soap:body use="literal"

-					namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />

+				<soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>

 			</output>

 			<fault name="MOAFault">

 				<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->

 			</fault>

 		</operation>

 		<operation name="verifyASICSignature">

-			<soap:operation soapAction="urn:VerifyASICSignatureAction" />

+			<soap:operation soapAction="urn:VerifyASICSignatureAction"/>

 			<input>

-				<soap:body use="literal"

-					namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />

+				<soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>

 			</input>

 			<output>

-				<soap:body use="literal"

-					namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />

+				<soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>

 			</output>

 			<fault name="MOAFault">

 				<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->

@@ -197,4 +174,7 @@
 				URL. <soap:address location="http://localhost/moa-spss/services/SignatureVerification"/> -->

 		</port>

 	</service>

+	<!-- message name="CreatePDFSignatureInput"> <part name="body" element="moa:CreatePDFSignatureRequest"/> 

+		</message> <message name="CreatePDFSignatureOutput"> <part name="body" element="moa:CreatePDFSignatureResponse"/> 

+		</message -->

 </definitions>

diff --git a/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd b/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd
index 4916b89..d4ed4a2 100644
--- a/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd
+++ b/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd
@@ -300,7 +300,7 @@
 	</xsd:complexType>
 	<xsd:complexType name="PDFSignatureResultType">
 		<xsd:sequence>
-			<xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+			<xsd:element name="SignerInfo" type="dsig:KeyInfoType" minOccurs="0">
 				<xsd:annotation>
 					<xsd:documentation>only ds:X509Data and RetrievalMethod is
 						supported; QualifiedCertificate is included as
diff --git a/moaSig/moa-sig/src/main/webapp/schemas/MOA-SPSS-3.0.0.xsd b/moaSig/moa-sig/src/main/webapp/schemas/MOA-SPSS-3.0.0.xsd
new file mode 100644
index 0000000..d4ed4a2
--- /dev/null
+++ b/moaSig/moa-sig/src/main/webapp/schemas/MOA-SPSS-3.0.0.xsd
@@ -0,0 +1,813 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- MOA SP/SS 2.0.0 Schema -->
+<xsd:schema xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2">
+	<xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+	<xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
+	<!--########## Create CMS Signature ### -->
+	<!--### Create CMS Signature Request ### -->
+	<xsd:element name="CreateCMSSignatureRequest">
+		<xsd:complexType>
+			<xsd:complexContent>
+				<xsd:extension base="CreateCMSSignatureRequestType"/>
+			</xsd:complexContent>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:complexType name="CreateCMSSignatureRequestType">
+		<xsd:sequence>
+			<xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+			<xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+				<xsd:annotation>
+					<xsd:documentation>Ermöglichung der Stapelsignatur durch
+						wiederholte Angabe dieses Elements</xsd:documentation>
+				</xsd:annotation>
+				<xsd:complexType>
+					<xsd:sequence>
+						<xsd:element name="DataObjectInfo">
+							<xsd:complexType>
+								<xsd:complexContent>
+									<xsd:extension base="CMSDataObjectInfoType"/>
+								</xsd:complexContent>
+							</xsd:complexType>
+						</xsd:element>
+					</xsd:sequence>
+					<xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
+				</xsd:complexType>
+			</xsd:element>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--### Create CMS Signature Response ### -->
+	<xsd:element name="CreateCMSSignatureResponse" type="CreateCMSSignatureResponseType"/>
+	<xsd:complexType name="CreateCMSSignatureResponseType">
+		<xsd:choice maxOccurs="unbounded">
+			<xsd:annotation>
+				<xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine
+					Stapelsignatur-Anfrage</xsd:documentation>
+			</xsd:annotation>
+			<xsd:element name="CMSSignature" type="xsd:base64Binary">
+				<xsd:annotation>
+					<xsd:documentation>Resultat, falls die Signaturerstellung
+						erfolgreich war</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+			<xsd:element ref="ErrorResponse"/>
+		</xsd:choice>
+	</xsd:complexType>
+	<!--########## Create XML Signature ### -->
+	<!--### Create XML Signature Request ### -->
+	<xsd:element name="CreateXMLSignatureRequest">
+		<xsd:complexType>
+			<xsd:complexContent>
+				<xsd:extension base="CreateXMLSignatureRequestType"/>
+			</xsd:complexContent>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:complexType name="CreateXMLSignatureRequestType">
+		<xsd:sequence>
+			<xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+			<xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+				<xsd:annotation>
+					<xsd:documentation>Ermöglichung der Stapelsignatur durch
+						wiederholte Angabe dieses Elements</xsd:documentation>
+				</xsd:annotation>
+				<xsd:complexType>
+					<xsd:sequence>
+						<xsd:element name="DataObjectInfo" maxOccurs="unbounded">
+							<xsd:complexType>
+								<xsd:complexContent>
+									<xsd:extension base="DataObjectInfoType">
+										<xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/>
+									</xsd:extension>
+								</xsd:complexContent>
+							</xsd:complexType>
+						</xsd:element>
+						<xsd:element name="CreateSignatureInfo" minOccurs="0">
+							<xsd:complexType>
+								<xsd:sequence>
+									<xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/>
+									<xsd:choice>
+										<xsd:annotation>
+											<xsd:documentation>Auswahl: Entweder explizite Angabe des
+												Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit
+												der Signaturumgebung, oder Verweis auf ein benanntes Profil
+											</xsd:documentation>
+										</xsd:annotation>
+										<xsd:element ref="CreateSignatureEnvironmentProfile"/>
+										<xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/>
+									</xsd:choice>
+								</xsd:sequence>
+							</xsd:complexType>
+						</xsd:element>
+					</xsd:sequence>
+					<xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
+				</xsd:complexType>
+			</xsd:element>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--### Create XML Signature Response ### -->
+	<xsd:complexType name="CreateXMLSignatureResponseType">
+		<xsd:choice maxOccurs="unbounded">
+			<xsd:annotation>
+				<xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine
+					Stapelsignatur-Anfrage</xsd:documentation>
+			</xsd:annotation>
+			<xsd:element name="SignatureEnvironment">
+				<xsd:annotation>
+					<xsd:documentation>Resultat, falls die Signaturerstellung
+						erfolgreich war</xsd:documentation>
+				</xsd:annotation>
+				<xsd:complexType>
+					<xsd:sequence>
+						<xsd:any namespace="##any" processContents="lax"/>
+					</xsd:sequence>
+				</xsd:complexType>
+			</xsd:element>
+			<xsd:element ref="ErrorResponse"/>
+		</xsd:choice>
+	</xsd:complexType>
+	<xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/>
+	<!--########## Create PDF Signature ### -->
+	<!--### Create PDF Signature Request ### -->
+	<xsd:element name="CreatePDFSignatureRequest">
+		<xsd:complexType>
+			<xsd:complexContent>
+				<xsd:extension base="CreatePDFSignatureRequestType"/>
+			</xsd:complexContent>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:complexType name="CreatePDFSignatureRequestType">
+		<xsd:sequence>
+			<xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+			<xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+				<xsd:annotation>
+					<xsd:documentation>Ermöglichung der Stapelsignatur durch
+						wiederholte Angabe dieses Elements</xsd:documentation>
+				</xsd:annotation>
+				<xsd:complexType>
+					<xsd:sequence>
+						<xsd:element name="PDFDocument" type="xsd:base64Binary"/>
+						<xsd:element name="SignatureProfile" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+						<xsd:element name="SignaturePosition" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+						<xsd:element name="SignatureID" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+					</xsd:sequence>
+				</xsd:complexType>
+			</xsd:element>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--### Create PDF Signature Response ### -->
+	<xsd:element name="CreatePDFSignatureResponse" type="CreatePDFSignatureResponseType"/>
+	<xsd:complexType name="CreatePDFSignatureResponseType">
+		<xsd:sequence>
+			<xsd:element name="PDFSignature" type="PDFSignedRepsonse" maxOccurs="unbounded"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--########## Verify CMS Signature ### -->
+	<!--### Verifiy CMS Signature Request ### -->
+	<xsd:element name="VerifyCMSSignatureRequest">
+		<xsd:complexType>
+			<xsd:complexContent>
+				<xsd:extension base="VerifyCMSSignatureRequestType">
+					<xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
+				</xsd:extension>
+			</xsd:complexContent>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:complexType name="VerifyCMSSignatureRequestType">
+		<xsd:sequence>
+			<xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+			<xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+			<xsd:element name="CMSSignature" type="xsd:base64Binary"/>
+			<xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/>
+			<xsd:element name="TrustProfileID" type="xsd:token">
+				<xsd:annotation>
+					<xsd:documentation>mit diesem Profil wird eine Menge von
+						vertrauenswürdigen Wurzelzertifikaten spezifiziert
+					</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--### Verify CMS Signature Response ### -->
+	<xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/>
+	<xsd:complexType name="VerifyCMSSignatureResponseType">
+		<xsd:sequence maxOccurs="unbounded">
+			<xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+				<xsd:annotation>
+					<xsd:documentation>only ds:X509Data and RetrievalMethod is
+						supported; QualifiedCertificate is included as
+						X509Data/any;publicAuthority is included as X509Data/any;
+						SecureSignatureCreationDevice is included as X509Data/any,
+						IssuingCountry is included as X509Data/any</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+			<xsd:element name="SignatureCheck" type="CheckResultType"/>
+			<xsd:element name="CertificateCheck" type="CheckResultType"/>
+			<xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+			<xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="VerifyASICCMSSignatureResponseType">
+		<xsd:sequence maxOccurs="unbounded">
+			<xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+				<xsd:annotation>
+					<xsd:documentation>only ds:X509Data and RetrievalMethod is
+						supported; QualifiedCertificate is included as
+						X509Data/any;publicAuthority is included as X509Data/any;
+						SecureSignatureCreationDevice is included as X509Data/any,
+						IssuingCountry is included as X509Data/any,
+						TSLInformation is included as X509Data/any</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+			<xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+			<xsd:element name="SignatureCheck" type="CheckResultType"/>
+			<xsd:element name="CertificateCheck" type="CheckResultType"/>
+			<xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+			<xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--########## Verify PDF Signature ### -->
+	<!--### Verifiy PDF Signature Request ### -->
+	<xsd:element name="VerifyPDFSignatureRequest">
+		<xsd:complexType>
+			<xsd:complexContent>
+				<xsd:extension base="VerifyPDFSignatureRequestType">
+					<xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
+				</xsd:extension>
+			</xsd:complexContent>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:complexType name="VerifyPDFSignatureRequestType">
+		<xsd:sequence>
+			<xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+			<xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+			<xsd:element name="PDFSignature" type="xsd:base64Binary"/>
+			<xsd:element name="TrustProfileID" type="xsd:token">
+				<xsd:annotation>
+					<xsd:documentation>mit diesem Profil wird eine Menge von
+						vertrauenswürdigen Wurzelzertifikaten spezifiziert
+					</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--########## Verify PDF Signature ### -->
+	<!--### Verifiy ASIC Signature Request ### -->
+	<xsd:element name="VerifyASICSignatureRequest">
+		<xsd:complexType>
+			<xsd:complexContent>
+				<xsd:extension base="VerifyASICSignatureRequestType"/>
+			</xsd:complexContent>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:complexType name="VerifyASICSignatureRequestType">
+		<xsd:sequence>
+			<xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+			<xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+			<xsd:element name="ASICSignature" type="xsd:base64Binary"/>
+			<xsd:element name="ASICExtension" type="xsd:string">
+				<xsd:annotation>
+					<xsd:documentation>asics or asice</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+			<xsd:element name="TrustProfileID" type="xsd:token">
+				<xsd:annotation>
+					<xsd:documentation>mit diesem Profil wird eine Menge von
+						vertrauenswürdigen Wurzelzertifikaten spezifiziert
+					</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--### Verify ASIC Signature Response ### -->
+	<xsd:element name="VerifyASICSignatureResponse" type="VerifyASICSignatureResponseType"/>
+	<xsd:complexType name="VerifyASICSignatureResponseType">
+		<xsd:sequence>
+			<xsd:element name="ASiCSignatureResult" type="ASICResultType" minOccurs="0" maxOccurs="unbounded"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="ASICResultType">
+		<xsd:sequence>
+			<xsd:element name="signedFiles" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+			<xsd:element name="XMLSignatureResult" type="VerifyASICXMLSignatureResponseType" minOccurs="0" maxOccurs="unbounded"/>
+			<xsd:element name="CMSSignatureResult" type="VerifyASICCMSSignatureResponseType" minOccurs="0" maxOccurs="unbounded"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--### Verify CMS Signature Response ### -->
+	<xsd:element name="VerifyPDFSignatureResponse" type="VerifyPDFSignatureResponseType"/>
+	<xsd:complexType name="VerifyPDFSignatureResponseType">
+		<xsd:sequence maxOccurs="unbounded">
+			<xsd:element name="SignatureResult" type="PDFSignatureResultType"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="PDFSignatureResultType">
+		<xsd:sequence>
+			<xsd:element name="SignerInfo" type="dsig:KeyInfoType" minOccurs="0">
+				<xsd:annotation>
+					<xsd:documentation>only ds:X509Data and RetrievalMethod is
+						supported; QualifiedCertificate is included as
+						X509Data/any;publicAuthority is included as X509Data/any;
+						SecureSignatureCreationDevice is included as X509Data/any,
+						IssuingCountry is included as X509Data/any</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+			<xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+			<xsd:element name="SignatureCheck" type="CheckResultType"/>
+			<xsd:element name="CertificateCheck" type="CheckResultType"/>
+			<xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+			<xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--########## Verify XML Signature ### -->
+	<!--### Verify XML Signature Request ### -->
+	<xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/>
+	<xsd:complexType name="VerifyXMLSignatureRequestType">
+		<xsd:sequence>
+			<xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+			<xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+			<xsd:element name="VerifySignatureInfo">
+				<xsd:complexType>
+					<xsd:sequence>
+						<xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/>
+						<xsd:element name="VerifySignatureLocation" type="xsd:token"/>
+					</xsd:sequence>
+				</xsd:complexType>
+			</xsd:element>
+			<xsd:choice minOccurs="0" maxOccurs="unbounded">
+				<xsd:element ref="SupplementProfile"/>
+				<xsd:element name="SupplementProfileID" type="xsd:string"/>
+			</xsd:choice>
+			<xsd:element name="SignatureManifestCheckParams" minOccurs="0">
+				<xsd:complexType>
+					<xsd:sequence>
+						<xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" maxOccurs="unbounded">
+							<xsd:annotation>
+								<xsd:documentation>Pro dsig:Reference-Element in der zu
+									überprüfenden XML-Signatur muss hier ein
+									ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen
+									ReferenceInfo Elemente entspricht jener der dsig:Reference
+									Elemente in der XML-Signatur.</xsd:documentation>
+							</xsd:annotation>
+						</xsd:element>
+					</xsd:sequence>
+					<xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/>
+				</xsd:complexType>
+			</xsd:element>
+			<xsd:element name="ReturnHashInputData" minOccurs="0"/>
+			<xsd:element name="TrustProfileID" type="xsd:token">
+				<xsd:annotation>
+					<xsd:documentation>mit diesem Profil wird eine Menge von
+						vertrauenswürdigen Wurzelzertifikaten spezifiziert
+					</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--### Verify XML Signature Response ### -->
+	<xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/>
+	<xsd:complexType name="VerifyXMLSignatureResponseType">
+		<xsd:sequence>
+			<xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+				<xsd:annotation>
+					<xsd:documentation>only ds:X509Data and ds:RetrievalMethod is
+						supported; QualifiedCertificate is included as X509Data/any;
+						PublicAuthority is included as X509Data/any;
+						SecureSignatureCreationDevice is included as X509Data/any,
+						IssuingCountry is included as X509Data/any</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+			<xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+			<xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+			<xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
+			<xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
+			<xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
+			<xsd:element name="CertificateCheck" type="CheckResultType"/>
+			<xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+			<xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="VerifyASICXMLSignatureResponseType">
+		<xsd:sequence>
+			<xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+				<xsd:annotation>
+					<xsd:documentation>only ds:X509Data and ds:RetrievalMethod is
+						supported; QualifiedCertificate is included as X509Data/any;
+						PublicAuthority is included as X509Data/any;
+						SecureSignatureCreationDevice is included as X509Data/any,
+						IssuingCountry is included as X509Data/any</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+			<xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+			<xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+			<xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+			<xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
+			<xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
+			<xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
+			<xsd:element name="CertificateCheck" type="CheckResultType"/>
+			<xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+			<xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:simpleType name="ProfileIdentifierType">
+		<xsd:restriction base="xsd:token"/>
+	</xsd:simpleType>
+	<xsd:complexType name="InputDataType">
+		<xsd:complexContent>
+			<xsd:extension base="ContentExLocRefBaseType">
+				<xsd:attribute name="PartOf" use="optional" default="SignedInfo">
+					<xsd:simpleType>
+						<xsd:restriction base="xsd:token">
+							<xsd:enumeration value="SignedInfo"/>
+							<xsd:enumeration value="XMLDSIGManifest"/>
+						</xsd:restriction>
+					</xsd:simpleType>
+				</xsd:attribute>
+				<xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/>
+			</xsd:extension>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="MetaInfoType">
+		<xsd:sequence>
+			<xsd:element name="MimeType" type="MimeTypeType"/>
+			<xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/>
+			<xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="FinalDataMetaInfoType">
+		<xsd:complexContent>
+			<xsd:extension base="MetaInfoType">
+				<xsd:sequence>
+					<xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/>
+				</xsd:sequence>
+			</xsd:extension>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="DataObjectInfoType">
+		<xsd:sequence>
+			<xsd:element name="DataObject">
+				<xsd:complexType>
+					<xsd:complexContent>
+						<xsd:extension base="ContentOptionalRefType"/>
+					</xsd:complexContent>
+				</xsd:complexType>
+			</xsd:element>
+			<xsd:choice>
+				<xsd:annotation>
+					<xsd:documentation>Auswahl: Entweder explizite Angabe EINER
+						Transformationskette inklusive ggf. sinnvoller Supplements oder
+						Verweis auf ein benanntes Profil</xsd:documentation>
+				</xsd:annotation>
+				<xsd:element ref="CreateTransformsInfoProfile"/>
+				<xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/>
+			</xsd:choice>
+		</xsd:sequence>
+		<xsd:attribute name="Structure" use="required">
+			<xsd:simpleType>
+				<xsd:restriction base="xsd:string">
+					<xsd:enumeration value="detached"/>
+					<xsd:enumeration value="enveloping"/>
+				</xsd:restriction>
+			</xsd:simpleType>
+		</xsd:attribute>
+	</xsd:complexType>
+	<xsd:complexType name="CMSDataObjectInfoType">
+		<xsd:sequence>
+			<xsd:element name="DataObject">
+				<xsd:complexType>
+					<xsd:complexContent>
+						<xsd:extension base="CMSDataObjectRequiredMetaType"/>
+					</xsd:complexContent>
+				</xsd:complexType>
+			</xsd:element>
+		</xsd:sequence>
+		<xsd:attribute name="Structure" use="required">
+			<xsd:simpleType>
+				<xsd:restriction base="xsd:string">
+					<xsd:enumeration value="detached"/>
+					<xsd:enumeration value="enveloping"/>
+				</xsd:restriction>
+			</xsd:simpleType>
+		</xsd:attribute>
+	</xsd:complexType>
+	<xsd:complexType name="TransformsInfoType">
+		<xsd:sequence>
+			<xsd:element ref="dsig:Transforms" minOccurs="0"/>
+			<xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="XMLDataObjectAssociationType">
+		<xsd:sequence>
+			<xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+			<xsd:element name="Content" type="ContentRequiredRefType"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="PDFSignedRepsonse">
+		<xsd:sequence>
+			<xsd:element name="SignatureID" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+			<xsd:choice maxOccurs="1">
+				<xsd:element name="PDFSignature" type="xsd:base64Binary">
+					<xsd:annotation>
+						<xsd:documentation>Resultat, falls die Signaturerstellung
+							erfolgreich war</xsd:documentation>
+					</xsd:annotation>
+				</xsd:element>
+				<xsd:element ref="ErrorResponse"/>
+			</xsd:choice>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="CMSDataObjectOptionalMetaType">
+		<xsd:sequence>
+			<xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+			<xsd:element name="Content" type="CMSContentBaseType"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="CMSDataObjectRequiredMetaType">
+		<xsd:sequence>
+			<xsd:element name="MetaInfo" type="MetaInfoType"/>
+			<xsd:element name="Content" type="CMSContentBaseType"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="CMSContentBaseType">
+		<xsd:complexContent>
+			<xsd:restriction base="ContentOptionalRefType">
+				<xsd:choice minOccurs="0">
+					<xsd:element name="Base64Content" type="xsd:base64Binary"/>
+				</xsd:choice>
+			</xsd:restriction>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="CheckResultType">
+		<xsd:sequence>
+			<xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+			<xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="FormResultType">
+		<xsd:sequence>
+			<xsd:element name="Code" type="xsd:nonNegativeInteger" minOccurs="1" maxOccurs="1"/>
+			<xsd:element name="Name" type="xsd:string" minOccurs="1" maxOccurs="1"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="IndicationResultType">
+		<xsd:sequence>
+			<xsd:element name="Code" type="xsd:nonNegativeInteger" minOccurs="1" maxOccurs="1"/>
+			<xsd:element name="Name" type="xsd:string" minOccurs="1" maxOccurs="1"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="ExtendedCertificateCheckResultType">
+		<xsd:sequence>
+			<xsd:element name="Major" type="IndicationResultType" minOccurs="1" maxOccurs="1"/>
+			<xsd:element name="Minor" type="IndicationResultType" minOccurs="0" maxOccurs="1"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="ReferencesCheckResultType">
+		<xsd:complexContent>
+			<xsd:restriction base="CheckResultType">
+				<xsd:sequence>
+					<xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+					<xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/>
+				</xsd:sequence>
+			</xsd:restriction>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="ReferencesCheckResultInfoType" mixed="true">
+		<xsd:complexContent>
+			<xsd:restriction base="AnyChildrenType">
+				<xsd:sequence>
+					<xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+					<xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+				</xsd:sequence>
+			</xsd:restriction>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="ManifestRefsCheckResultType">
+		<xsd:complexContent>
+			<xsd:restriction base="CheckResultType">
+				<xsd:sequence>
+					<xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+					<xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/>
+				</xsd:sequence>
+			</xsd:restriction>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true">
+		<xsd:complexContent>
+			<xsd:restriction base="AnyChildrenType">
+				<xsd:sequence>
+					<xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+					<xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+					<xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/>
+				</xsd:sequence>
+			</xsd:restriction>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<!--########## Error Response ### -->
+	<xsd:element name="ErrorResponse" type="ErrorResponseType">
+		<xsd:annotation>
+			<xsd:documentation>Resultat, falls die Signaturerstellung gescheitert
+				ist</xsd:documentation>
+		</xsd:annotation>
+	</xsd:element>
+	<xsd:complexType name="ErrorResponseType">
+		<xsd:sequence>
+			<xsd:element name="ErrorCode" type="xsd:integer"/>
+			<xsd:element name="Info" type="xsd:string"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<!--########## Auxiliary Types ### -->
+	<xsd:simpleType name="KeyIdentifierType">
+		<xsd:restriction base="xsd:string"/>
+	</xsd:simpleType>
+	<xsd:simpleType name="KeyStorageType">
+		<xsd:restriction base="xsd:string">
+			<xsd:enumeration value="Software"/>
+			<xsd:enumeration value="Hardware"/>
+		</xsd:restriction>
+	</xsd:simpleType>
+	<xsd:simpleType name="MimeTypeType">
+		<xsd:restriction base="xsd:token"/>
+	</xsd:simpleType>
+	<xsd:complexType name="AnyChildrenType" mixed="true">
+		<xsd:sequence>
+			<xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:complexType name="XMLContentType" mixed="true">
+		<xsd:complexContent>
+			<xsd:extension base="AnyChildrenType">
+				<xsd:attribute ref="xml:space" use="optional"/>
+			</xsd:extension>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="ContentBaseType">
+		<xsd:choice minOccurs="0">
+			<xsd:element name="Base64Content" type="xsd:base64Binary"/>
+			<xsd:element name="XMLContent" type="XMLContentType"/>
+			<xsd:element name="LocRefContent" type="xsd:anyURI"/>
+		</xsd:choice>
+	</xsd:complexType>
+	<xsd:complexType name="ContentExLocRefBaseType">
+		<xsd:complexContent>
+			<xsd:restriction base="ContentBaseType">
+				<xsd:choice minOccurs="0">
+					<xsd:element name="Base64Content" type="xsd:base64Binary"/>
+					<xsd:element name="XMLContent" type="XMLContentType"/>
+				</xsd:choice>
+			</xsd:restriction>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="ContentOptionalRefType">
+		<xsd:complexContent>
+			<xsd:extension base="ContentBaseType">
+				<xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/>
+			</xsd:extension>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="ContentRequiredRefType">
+		<xsd:complexContent>
+			<xsd:restriction base="ContentOptionalRefType">
+				<xsd:choice minOccurs="0">
+					<xsd:element name="Base64Content" type="xsd:base64Binary"/>
+					<xsd:element name="XMLContent" type="XMLContentType"/>
+					<xsd:element name="LocRefContent" type="xsd:anyURI"/>
+				</xsd:choice>
+				<xsd:attribute name="Reference" type="xsd:anyURI" use="required"/>
+			</xsd:restriction>
+		</xsd:complexContent>
+	</xsd:complexType>
+	<xsd:complexType name="VerifyTransformsDataType">
+		<xsd:choice maxOccurs="unbounded">
+			<xsd:annotation>
+				<xsd:documentation>Ein oder mehrere Transformationswege können von
+					der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur
+					hat zumindest einem dieser Transformationswege zu entsprechen. Die
+					Angabe kann explizit oder als Profilbezeichner erfolgen.
+				</xsd:documentation>
+			</xsd:annotation>
+			<xsd:element ref="VerifyTransformsInfoProfile"/>
+			<xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string">
+				<xsd:annotation>
+					<xsd:documentation>Profilbezeichner für einen Transformationsweg
+					</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+		</xsd:choice>
+	</xsd:complexType>
+	<xsd:element name="QualifiedCertificate">
+		<xsd:complexType>
+			<xsd:attribute name="source" use="optional">
+				<xsd:simpleType>
+					<xsd:restriction base="xsd:token">
+						<xsd:enumeration value="TSL"/>
+						<xsd:enumeration value="Certificate"/>
+					</xsd:restriction>
+				</xsd:simpleType>
+			</xsd:attribute>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="SecureSignatureCreationDevice">
+		<xsd:complexType>
+			<xsd:attribute name="source" use="optional">
+				<xsd:simpleType>
+					<xsd:restriction base="xsd:token">
+						<xsd:enumeration value="TSL"/>
+						<xsd:enumeration value="Certificate"/>
+					</xsd:restriction>
+				</xsd:simpleType>
+			</xsd:attribute>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="IssuingCountry" type="xsd:token"/>
+	<xsd:element name="PublicAuthority" type="PublicAuthorityType"/>
+	<xsd:complexType name="PublicAuthorityType">
+		<xsd:sequence>
+			<xsd:element name="Code" type="xsd:string" minOccurs="0"/>
+		</xsd:sequence>
+	</xsd:complexType>
+	<xsd:simpleType name="SignatoriesType">
+		<xsd:union memberTypes="AllSignatoriesType">
+			<xsd:simpleType>
+				<xsd:list itemType="xsd:positiveInteger"/>
+			</xsd:simpleType>
+		</xsd:union>
+	</xsd:simpleType>
+	<xsd:simpleType name="AllSignatoriesType">
+		<xsd:restriction base="xsd:string">
+			<xsd:enumeration value="all"/>
+		</xsd:restriction>
+	</xsd:simpleType>
+	<xsd:complexType name="CreateSignatureLocationType">
+		<xsd:simpleContent>
+			<xsd:extension base="xsd:token">
+				<xsd:attribute name="Index" type="xsd:integer" use="required"/>
+			</xsd:extension>
+		</xsd:simpleContent>
+	</xsd:complexType>
+	<xsd:complexType name="TransformParameterType">
+		<xsd:choice minOccurs="0">
+			<xsd:annotation>
+				<xsd:documentation>Die Angabe des Transformationsparameters
+					(explizit oder als Hashwert) kann unterlassen werden, wenn die
+					Applikation von der Unveränderlichkeit des Inhalts der in
+					"Transformationsparamter", Attribut "URI" angegebenen URI ausgehen
+					kann.</xsd:documentation>
+			</xsd:annotation>
+			<xsd:element name="Base64Content" type="xsd:base64Binary">
+				<xsd:annotation>
+					<xsd:documentation>Der Transformationsparameter explizit angegeben.
+					</xsd:documentation>
+				</xsd:annotation>
+			</xsd:element>
+			<xsd:element name="Hash">
+				<xsd:annotation>
+					<xsd:documentation>Der Hashwert des Transformationsparameters.
+					</xsd:documentation>
+				</xsd:annotation>
+				<xsd:complexType>
+					<xsd:sequence>
+						<xsd:element ref="dsig:DigestMethod"/>
+						<xsd:element ref="dsig:DigestValue"/>
+					</xsd:sequence>
+				</xsd:complexType>
+			</xsd:element>
+		</xsd:choice>
+		<xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
+	</xsd:complexType>
+	<xsd:element name="CreateSignatureEnvironmentProfile">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/>
+				<xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="VerifyTransformsInfoProfile">
+		<xsd:annotation>
+			<xsd:documentation>Explizite Angabe des Transformationswegs
+			</xsd:documentation>
+		</xsd:annotation>
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element ref="dsig:Transforms" minOccurs="0"/>
+				<xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded">
+					<xsd:annotation>
+						<xsd:documentation>Alle impliziten Transformationsparameter, die
+							zum Durchlaufen der oben angeführten Transformationskette
+							bekannt sein müssen, müssen hier angeführt werden. Das
+							Attribut "URI" bezeichnet den Transformationsparameter in exakt
+							jener Weise, wie er in der zu überprüfenden Signatur gebraucht
+							wird.</xsd:documentation>
+					</xsd:annotation>
+				</xsd:element>
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+	<xsd:element name="Supplement" type="XMLDataObjectAssociationType"/>
+	<xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/>
+	<xsd:element name="CreateTransformsInfoProfile">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/>
+				<xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/>
+			</xsd:sequence>
+		</xsd:complexType>
+	</xsd:element>
+</xsd:schema>