aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--moaSig/build.gradle2
-rw-r--r--moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd2
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java39
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java33
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java32
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java37
-rw-r--r--moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl132
-rw-r--r--moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd2
-rw-r--r--moaSig/moa-sig/src/main/webapp/schemas/MOA-SPSS-3.0.0.xsd813
9 files changed, 951 insertions, 141 deletions
diff --git a/moaSig/build.gradle b/moaSig/build.gradle
index 808a960..247bf08 100644
--- a/moaSig/build.gradle
+++ b/moaSig/build.gradle
@@ -21,7 +21,7 @@ subprojects {
testCompile 'junit:junit:4.8.2'
}
- version = '3.1.0-RC3'
+ version = '3.1.0-RC5'
jar { manifest.attributes provider: 'EGIZ', 'Specification-Version': getCheckedOutGitCommitHash(), 'Implementation-Version': project.version }
}
diff --git a/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd b/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd
index 4916b89..d4ed4a2 100644
--- a/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd
+++ b/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd
@@ -300,7 +300,7 @@
</xsd:complexType>
<xsd:complexType name="PDFSignatureResultType">
<xsd:sequence>
- <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType" minOccurs="0">
<xsd:annotation>
<xsd:documentation>only ds:X509Data and RetrievalMethod is
supported; QualifiedCertificate is included as
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java
index 98b54a3..0ca6f8f 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java
@@ -36,6 +36,7 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElemen
import at.gv.egovernment.moa.spss.api.common.CheckResult;
import at.gv.egovernment.moa.spss.api.common.SignerInfo;
import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults;
+import at.gv.egovernment.moaspss.logging.Logger;
/**
* Convert a <code>VerifyCMSSignatureResponse</code> API object into its
@@ -104,22 +105,28 @@ public class VerifyPDFSignatureResponseBuilder {
CheckResult signatureCheck = responseElement.getSignatureCheck();
CheckResult certCheck = responseElement.getCertificateCheck();
- ResponseBuilderUtils.addSignerInfo(
- responseDoc,
- responseElem,
- signerInfo.getSignerCertificate(),
- signerInfo.isQualifiedCertificate(),
- signerInfo.getQCSource(),
- signerInfo.isPublicAuthority(),
- signerInfo.getPublicAuhtorityID(),
- signerInfo.isSSCD(),
- signerInfo.getSSCDSource(),
- signerInfo.getIssuerCountryCode(),
- signerInfo.getTslInfos());
-
- ResponseBuilderUtils.addSigningTime(responseDoc,
- responseElem,
- signerInfo.getSigningTime());
+ if (signerInfo != null) {
+ ResponseBuilderUtils.addSignerInfo(
+ responseDoc,
+ responseElem,
+ signerInfo.getSignerCertificate(),
+ signerInfo.isQualifiedCertificate(),
+ signerInfo.getQCSource(),
+ signerInfo.isPublicAuthority(),
+ signerInfo.getPublicAuhtorityID(),
+ signerInfo.isSSCD(),
+ signerInfo.getSSCDSource(),
+ signerInfo.getIssuerCountryCode(),
+ signerInfo.getTslInfos());
+
+ ResponseBuilderUtils.addSigningTime(responseDoc,
+ responseElem,
+ signerInfo.getSigningTime());
+
+ } else {
+ Logger.info("Find signature result with no 'SignerInfo'. Maybe a signature verification Failed");
+
+ }
ResponseBuilderUtils.addCodeInfoElement(
responseDoc,
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
index 295e861..0e592f0 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
@@ -143,27 +143,30 @@ public class SystemInitializer {
// initialize configuration
try {
- ConfigurationProvider config = ConfigurationProvider.getInstance();
- Logger.info("Building ConfigurationData");
- ConfigurationData configData = new IaikConfigurator().configure(config);
+ Logger.info("Initialize MOA-SP/SS configuration ... ");
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
- //initialize TSL module
- TSLConfiguration moaSPTslConfig = config.getTSLConfiguration();
- if (moaSPTslConfig != null) {
- TslConfigurationImpl tslConfig = new TslConfigurationImpl();
- tslConfig.setEuTslURL(moaSPTslConfig.getEuTSLUrl());
- tslConfig.setTslWorkingDirectory(moaSPTslConfig.getWorkingDirectory());
- tslConfig.setNetworkReadTimeout(config.getReadTimeout() / 1000);
+ //initialize TSL module
+ TSLConfiguration moaSPTslConfig = config.getTSLConfiguration();
+ if (moaSPTslConfig != null) {
+ Logger.debug("Starting TSL-Service initialization ... ");
+ TslConfigurationImpl tslConfig = new TslConfigurationImpl();
+ tslConfig.setEuTslURL(moaSPTslConfig.getEuTSLUrl());
+ tslConfig.setTslWorkingDirectory(moaSPTslConfig.getWorkingDirectory());
+ tslConfig.setNetworkReadTimeout(config.getReadTimeout() / 1000);
- Logger.info(new LogMsg(msg.getMessage("config.41", null)));
- TSLServiceFactory.initialize(tslConfig);
- Logger.info("TSL-Service client initialization finished");
+ Logger.info(new LogMsg(msg.getMessage("config.41", null)));
+ TSLServiceFactory.initialize(tslConfig);
+ Logger.info("TSL-Service client initialization finished");
- //initialize TSL Update Task
- initTSLUpdateTask(moaSPTslConfig);
+ //initialize TSL Update Task
+ initTSLUpdateTask(moaSPTslConfig);
}
+ Logger.info("Building IAIK-MOA configuration ... ");
+ new IaikConfigurator().configure(config);
+
runInitializer(config);
Logger.info(new LogMsg(msg.getMessage("init.01", null)));
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
index 1508b42..c0beced 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
@@ -361,25 +361,27 @@ public class CMSSignatureVerificationInvoker {
String issuerCountryCode = null;
// QC/SSCD check
+
+ if (cmsResult.getCertificateValidationResult() != null) {
+ List list = cmsResult.getCertificateValidationResult().getCertificateChain();
+ if (list != null) {
+ X509Certificate[] chain = new X509Certificate[list.size()];
+
+ Iterator it = list.iterator();
+ int i = 0;
+ while (it.hasNext()) {
+ chain[i] = (X509Certificate) it.next();
+ i++;
+ }
- List list = cmsResult.getCertificateValidationResult().getCertificateChain();
- if (list != null) {
- X509Certificate[] chain = new X509Certificate[list.size()];
-
- Iterator it = list.iterator();
- int i = 0;
- while (it.hasNext()) {
- chain[i] = (X509Certificate) it.next();
- i++;
- }
-
- qcsscdresult = CertificateUtils.checkQCSSCD(chain, cmsResult.getSigningTime(), trustProfile.isTSLEnabled(), ConfigurationProvider.getInstance());
+ qcsscdresult = CertificateUtils.checkQCSSCD(chain, cmsResult.getSigningTime(), trustProfile.isTSLEnabled(), ConfigurationProvider.getInstance());
- // get signer certificate issuer country code
- issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0));
+ // get signer certificate issuer country code
+ issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0));
+ }
}
-
+
responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(),
qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults,
extCheckResult, qcsscdresult.getTslInfos());
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
index 5ada287..f4121b0 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
@@ -151,28 +151,33 @@ public class VerifyCMSSignatureResponseBuilder {
result.getCertificateValidationResult();
int signatureCheckCode =
result.getSignatureValueVerificationCode().intValue();
- int certificateCheckCode = certResult.getValidationResultCode().intValue();
-
+
VerifyCMSSignatureResponseElement responseElement;
- SignerInfo signerInfo;
+ SignerInfo signerInfo = null;
CheckResult signatureCheck;
CheckResult certificateCheck;
boolean qualifiedCertificate = checkQC;
- // add SignerInfo element
- signerInfo =
- factory.createSignerInfo(
- (X509Certificate) certResult.getCertificateChain().get(0),
- qualifiedCertificate,
- qcSourceTSL,
- certResult.isPublicAuthorityCertificate(),
- certResult.getPublicAuthorityID(),
- checkSSCD,
- sscdSourceTSL,
- issuerCountryCode,
- result.getSigningTime(),
- tslInfos);
+ //set code 99 if not certcheckresult exists
+ int certificateCheckCode = 99;
+ if (certResult != null) {
+ certificateCheckCode = certResult.getValidationResultCode().intValue();
+
+ // add SignerInfo element
+ signerInfo =
+ factory.createSignerInfo(
+ (X509Certificate) certResult.getCertificateChain().get(0),
+ qualifiedCertificate,
+ qcSourceTSL,
+ certResult.isPublicAuthorityCertificate(),
+ certResult.getPublicAuthorityID(),
+ checkSSCD,
+ sscdSourceTSL,
+ issuerCountryCode,
+ result.getSigningTime(),
+ tslInfos);
+ }
// add SignatureCheck element
signatureCheck = factory.createCheckResult(signatureCheckCode, null);
diff --git a/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl b/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl
index 2bcadc6..f822a52 100644
--- a/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl
+++ b/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl
@@ -1,65 +1,56 @@
<?xml version="1.0" encoding="UTF-8"?>
<!-- Web Service Description for MOA SP/SS 1.4 -->
-<definitions xmlns="http://schemas.xmlsoap.org/wsdl/"
- xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#"
- xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
- xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#"
- xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- name="MOA" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
- <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"
- location="../schemas/MOA-SPSS-2.0.0.xsd" />
+<definitions xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="MOA" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" location="../schemas/MOA-SPSS-3.0.0.xsd"/>
<message name="CreateCMSSignatureInput">
- <part name="body" element="moa:CreateCMSSignatureRequest" />
+ <part name="body" element="moa:CreateCMSSignatureRequest"/>
</message>
<message name="CreateCMSSignatureOutput">
- <part name="body" element="moa:CreateCMSSignatureResponse" />
+ <part name="body" element="moa:CreateCMSSignatureResponse"/>
</message>
- <!-- message name="CreatePDFSignatureInput"> <part name="body" element="moa:CreatePDFSignatureRequest"/>
- </message> <message name="CreatePDFSignatureOutput"> <part name="body" element="moa:CreatePDFSignatureResponse"/>
- </message -->
<message name="CreateXMLSignatureInput">
- <part name="body" element="moa:CreateXMLSignatureRequest" />
+ <part name="body" element="moa:CreateXMLSignatureRequest"/>
</message>
<message name="CreateXMLSignatureOutput">
- <part name="body" element="moa:CreateXMLSignatureResponse" />
+ <part name="body" element="moa:CreateXMLSignatureResponse"/>
</message>
<message name="VerifyCMSSignatureInput">
- <part name="body" element="moa:VerifyCMSSignatureRequest" />
+ <part name="body" element="moa:VerifyCMSSignatureRequest"/>
</message>
<message name="VerifyCMSSignatureOutput">
- <part name="body" element="moa:VerifyCMSSignatureResponse" />
+ <part name="body" element="moa:VerifyCMSSignatureResponse"/>
</message>
<message name="VerifyPDFSignatureInput">
- <part name="body" element="moa:VerifyPDFSignatureRequest" />
+ <part name="body" element="moa:VerifyPDFSignatureRequest"/>
</message>
<message name="VerifyPDFSignatureOutput">
- <part name="body" element="moa:VerifyPDFSignatureResponse" />
+ <part name="body" element="moa:VerifyPDFSignatureResponse"/>
</message>
<message name="VerifyASICSignatureInput">
- <part name="body" element="moa:VerifyASICSignatureRequest" />
+ <part name="body" element="moa:VerifyASICSignatureRequest"/>
</message>
<message name="VerifyASICSignatureOutput">
- <part name="body" element="moa:VerifyASICSignatureResponse" />
+ <part name="body" element="moa:VerifyASICSignatureResponse"/>
</message>
<message name="VerifyXMLSignatureInput">
- <part name="body" element="moa:VerifyXMLSignatureRequest" />
+ <part name="body" element="moa:VerifyXMLSignatureRequest"/>
</message>
<message name="VerifyXMLSignatureOutput">
- <part name="body" element="moa:VerifyXMLSignatureResponse" />
+ <part name="body" element="moa:VerifyXMLSignatureResponse"/>
</message>
<message name="MOAFault">
- <part name="body" element="moa:ErrorResponse" />
+ <part name="body" element="moa:ErrorResponse"/>
</message>
<portType name="SignatureCreationPortType">
<operation name="createXMLSignature">
- <input message="tns:CreateXMLSignatureInput" />
- <output message="tns:CreateXMLSignatureOutput" />
- <fault name="MOAFault" message="tns:MOAFault" />
+ <input message="tns:CreateXMLSignatureInput"/>
+ <output message="tns:CreateXMLSignatureOutput"/>
+ <fault name="MOAFault" message="tns:MOAFault"/>
</operation>
<operation name="createCMSSignature">
- <input message="tns:CreateCMSSignatureInput" />
- <output message="tns:CreateCMSSignatureOutput" />
- <fault name="MOAFault" message="tns:MOAFault" />
+ <input message="tns:CreateCMSSignatureInput"/>
+ <output message="tns:CreateCMSSignatureOutput"/>
+ <fault name="MOAFault" message="tns:MOAFault"/>
</operation>
<!-- operation name="createPDFSignature"> <input message="tns:CreatePDFSignatureInput"/>
<output message="tns:CreatePDFSignatureOutput"/> <fault name="MOAFault" message="tns:MOAFault"/>
@@ -67,52 +58,47 @@
</portType>
<portType name="SignatureVerificationPortType">
<operation name="verifyCMSSignature">
- <input message="tns:VerifyCMSSignatureInput" />
- <output message="tns:VerifyCMSSignatureOutput" />
- <fault name="MOAFault" message="tns:MOAFault" />
+ <input message="tns:VerifyCMSSignatureInput"/>
+ <output message="tns:VerifyCMSSignatureOutput"/>
+ <fault name="MOAFault" message="tns:MOAFault"/>
</operation>
<operation name="verifyXMLSignature">
- <input message="tns:VerifyXMLSignatureInput" />
- <output message="tns:VerifyXMLSignatureOutput" />
- <fault name="MOAFault" message="tns:MOAFault" />
+ <input message="tns:VerifyXMLSignatureInput"/>
+ <output message="tns:VerifyXMLSignatureOutput"/>
+ <fault name="MOAFault" message="tns:MOAFault"/>
</operation>
<operation name="verifyPDFSignature">
- <input message="tns:VerifyPDFSignatureInput" />
- <output message="tns:VerifyPDFSignatureOutput" />
- <fault name="MOAFault" message="tns:MOAFault" />
+ <input message="tns:VerifyPDFSignatureInput"/>
+ <output message="tns:VerifyPDFSignatureOutput"/>
+ <fault name="MOAFault" message="tns:MOAFault"/>
</operation>
<operation name="verifyASICSignature">
- <input message="tns:VerifyASICSignatureInput" />
- <output message="tns:VerifyASICSignatureOutput" />
- <fault name="MOAFault" message="tns:MOAFault" />
+ <input message="tns:VerifyASICSignatureInput"/>
+ <output message="tns:VerifyASICSignatureOutput"/>
+ <fault name="MOAFault" message="tns:MOAFault"/>
</operation>
</portType>
<binding name="SignatureCreationBinding" type="tns:SignatureCreationPortType">
- <soap:binding style="document"
- transport="http://schemas.xmlsoap.org/soap/http" />
+ <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<operation name="createXMLSignature">
- <soap:operation soapAction="urn:CreateXMLSignatureAction" />
+ <soap:operation soapAction="urn:CreateXMLSignatureAction"/>
<input>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</input>
<output>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</output>
<fault name="MOAFault">
<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->
</fault>
</operation>
<operation name="createCMSSignature">
- <soap:operation soapAction="urn:CreateCMSSignatureAction" />
+ <soap:operation soapAction="urn:CreateCMSSignatureAction"/>
<input>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</input>
<output>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</output>
<fault name="MOAFault">
<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->
@@ -126,59 +112,50 @@
<!-- /fault> </operation -->
</binding>
<binding name="SignatureVerificationBinding" type="tns:SignatureVerificationPortType">
- <soap:binding style="document"
- transport="http://schemas.xmlsoap.org/soap/http" />
+ <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<operation name="verifyCMSSignature">
- <soap:operation soapAction="urn:VerifyCMSSignatureAction" />
+ <soap:operation soapAction="urn:VerifyCMSSignatureAction"/>
<input>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</input>
<output>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</output>
<fault name="MOAFault">
<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->
</fault>
</operation>
<operation name="verifyXMLSignature">
- <soap:operation soapAction="urn:VerifyXMLSignatureAction" />
+ <soap:operation soapAction="urn:VerifyXMLSignatureAction"/>
<input>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</input>
<output>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</output>
<fault name="MOAFault">
<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->
</fault>
</operation>
<operation name="verifyPDFSignature">
- <soap:operation soapAction="urn:VerifyPDFSignatureAction" />
+ <soap:operation soapAction="urn:VerifyPDFSignatureAction"/>
<input>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</input>
<output>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</output>
<fault name="MOAFault">
<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->
</fault>
</operation>
<operation name="verifyASICSignature">
- <soap:operation soapAction="urn:VerifyASICSignatureAction" />
+ <soap:operation soapAction="urn:VerifyASICSignatureAction"/>
<input>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</input>
<output>
- <soap:body use="literal"
- namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" />
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
</output>
<fault name="MOAFault">
<!-- soap:fault name="" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/ -->
@@ -197,4 +174,7 @@
URL. <soap:address location="http://localhost/moa-spss/services/SignatureVerification"/> -->
</port>
</service>
+ <!-- message name="CreatePDFSignatureInput"> <part name="body" element="moa:CreatePDFSignatureRequest"/>
+ </message> <message name="CreatePDFSignatureOutput"> <part name="body" element="moa:CreatePDFSignatureResponse"/>
+ </message -->
</definitions>
diff --git a/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd b/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd
index 4916b89..d4ed4a2 100644
--- a/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd
+++ b/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.0.0.xsd
@@ -300,7 +300,7 @@
</xsd:complexType>
<xsd:complexType name="PDFSignatureResultType">
<xsd:sequence>
- <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType" minOccurs="0">
<xsd:annotation>
<xsd:documentation>only ds:X509Data and RetrievalMethod is
supported; QualifiedCertificate is included as
diff --git a/moaSig/moa-sig/src/main/webapp/schemas/MOA-SPSS-3.0.0.xsd b/moaSig/moa-sig/src/main/webapp/schemas/MOA-SPSS-3.0.0.xsd
new file mode 100644
index 0000000..d4ed4a2
--- /dev/null
+++ b/moaSig/moa-sig/src/main/webapp/schemas/MOA-SPSS-3.0.0.xsd
@@ -0,0 +1,813 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- MOA SP/SS 2.0.0 Schema -->
+<xsd:schema xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2">
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
+ <!--########## Create CMS Signature ### -->
+ <!--### Create CMS Signature Request ### -->
+ <xsd:element name="CreateCMSSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CreateCMSSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="CreateCMSSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+ <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ermöglichung der Stapelsignatur durch
+ wiederholte Angabe dieses Elements</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="DataObjectInfo">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CMSDataObjectInfoType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create CMS Signature Response ### -->
+ <xsd:element name="CreateCMSSignatureResponse" type="CreateCMSSignatureResponseType"/>
+ <xsd:complexType name="CreateCMSSignatureResponseType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine
+ Stapelsignatur-Anfrage</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="CMSSignature" type="xsd:base64Binary">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung
+ erfolgreich war</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="ErrorResponse"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <!--########## Create XML Signature ### -->
+ <!--### Create XML Signature Request ### -->
+ <xsd:element name="CreateXMLSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CreateXMLSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="CreateXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+ <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ermöglichung der Stapelsignatur durch
+ wiederholte Angabe dieses Elements</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="DataObjectInfo" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="DataObjectInfoType">
+ <xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="CreateSignatureInfo" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/>
+ <xsd:choice>
+ <xsd:annotation>
+ <xsd:documentation>Auswahl: Entweder explizite Angabe des
+ Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit
+ der Signaturumgebung, oder Verweis auf ein benanntes Profil
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="CreateSignatureEnvironmentProfile"/>
+ <xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create XML Signature Response ### -->
+ <xsd:complexType name="CreateXMLSignatureResponseType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine
+ Stapelsignatur-Anfrage</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="SignatureEnvironment">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung
+ erfolgreich war</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="lax"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element ref="ErrorResponse"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/>
+ <!--########## Create PDF Signature ### -->
+ <!--### Create PDF Signature Request ### -->
+ <xsd:element name="CreatePDFSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CreatePDFSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="CreatePDFSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+ <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ermöglichung der Stapelsignatur durch
+ wiederholte Angabe dieses Elements</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="PDFDocument" type="xsd:base64Binary"/>
+ <xsd:element name="SignatureProfile" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignaturePosition" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureID" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create PDF Signature Response ### -->
+ <xsd:element name="CreatePDFSignatureResponse" type="CreatePDFSignatureResponseType"/>
+ <xsd:complexType name="CreatePDFSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="PDFSignature" type="PDFSignedRepsonse" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify CMS Signature ### -->
+ <!--### Verifiy CMS Signature Request ### -->
+ <xsd:element name="VerifyCMSSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="VerifyCMSSignatureRequestType">
+ <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="VerifyCMSSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+ <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
+ <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von
+ vertrauenswürdigen Wurzelzertifikaten spezifiziert
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify CMS Signature Response ### -->
+ <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/>
+ <xsd:complexType name="VerifyCMSSignatureResponseType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and RetrievalMethod is
+ supported; QualifiedCertificate is included as
+ X509Data/any;publicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyASICCMSSignatureResponseType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and RetrievalMethod is
+ supported; QualifiedCertificate is included as
+ X509Data/any;publicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any,
+ TSLInformation is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify PDF Signature ### -->
+ <!--### Verifiy PDF Signature Request ### -->
+ <xsd:element name="VerifyPDFSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="VerifyPDFSignatureRequestType">
+ <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="VerifyPDFSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+ <xsd:element name="PDFSignature" type="xsd:base64Binary"/>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von
+ vertrauenswürdigen Wurzelzertifikaten spezifiziert
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify PDF Signature ### -->
+ <!--### Verifiy ASIC Signature Request ### -->
+ <xsd:element name="VerifyASICSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="VerifyASICSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="VerifyASICSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+ <xsd:element name="ASICSignature" type="xsd:base64Binary"/>
+ <xsd:element name="ASICExtension" type="xsd:string">
+ <xsd:annotation>
+ <xsd:documentation>asics or asice</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von
+ vertrauenswürdigen Wurzelzertifikaten spezifiziert
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify ASIC Signature Response ### -->
+ <xsd:element name="VerifyASICSignatureResponse" type="VerifyASICSignatureResponseType"/>
+ <xsd:complexType name="VerifyASICSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="ASiCSignatureResult" type="ASICResultType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ASICResultType">
+ <xsd:sequence>
+ <xsd:element name="signedFiles" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="XMLSignatureResult" type="VerifyASICXMLSignatureResponseType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CMSSignatureResult" type="VerifyASICCMSSignatureResponseType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify CMS Signature Response ### -->
+ <xsd:element name="VerifyPDFSignatureResponse" type="VerifyPDFSignatureResponseType"/>
+ <xsd:complexType name="VerifyPDFSignatureResponseType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="SignatureResult" type="PDFSignatureResultType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="PDFSignatureResultType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and RetrievalMethod is
+ supported; QualifiedCertificate is included as
+ X509Data/any;publicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify XML Signature ### -->
+ <!--### Verify XML Signature Request ### -->
+ <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/>
+ <xsd:complexType name="VerifyXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+ <xsd:element name="VerifySignatureInfo">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/>
+ <xsd:element name="VerifySignatureLocation" type="xsd:token"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:choice minOccurs="0" maxOccurs="unbounded">
+ <xsd:element ref="SupplementProfile"/>
+ <xsd:element name="SupplementProfileID" type="xsd:string"/>
+ </xsd:choice>
+ <xsd:element name="SignatureManifestCheckParams" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Pro dsig:Reference-Element in der zu
+ überprüfenden XML-Signatur muss hier ein
+ ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen
+ ReferenceInfo Elemente entspricht jener der dsig:Reference
+ Elemente in der XML-Signatur.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ReturnHashInputData" minOccurs="0"/>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von
+ vertrauenswürdigen Wurzelzertifikaten spezifiziert
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify XML Signature Response ### -->
+ <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/>
+ <xsd:complexType name="VerifyXMLSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is
+ supported; QualifiedCertificate is included as X509Data/any;
+ PublicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
+ <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
+ <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyASICXMLSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is
+ supported; QualifiedCertificate is included as X509Data/any;
+ PublicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
+ <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
+ <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:simpleType name="ProfileIdentifierType">
+ <xsd:restriction base="xsd:token"/>
+ </xsd:simpleType>
+ <xsd:complexType name="InputDataType">
+ <xsd:complexContent>
+ <xsd:extension base="ContentExLocRefBaseType">
+ <xsd:attribute name="PartOf" use="optional" default="SignedInfo">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="SignedInfo"/>
+ <xsd:enumeration value="XMLDSIGManifest"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="MetaInfoType">
+ <xsd:sequence>
+ <xsd:element name="MimeType" type="MimeTypeType"/>
+ <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/>
+ <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="FinalDataMetaInfoType">
+ <xsd:complexContent>
+ <xsd:extension base="MetaInfoType">
+ <xsd:sequence>
+ <xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="DataObjectInfoType">
+ <xsd:sequence>
+ <xsd:element name="DataObject">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="ContentOptionalRefType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:choice>
+ <xsd:annotation>
+ <xsd:documentation>Auswahl: Entweder explizite Angabe EINER
+ Transformationskette inklusive ggf. sinnvoller Supplements oder
+ Verweis auf ein benanntes Profil</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="CreateTransformsInfoProfile"/>
+ <xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ <xsd:attribute name="Structure" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="detached"/>
+ <xsd:enumeration value="enveloping"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectInfoType">
+ <xsd:sequence>
+ <xsd:element name="DataObject">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CMSDataObjectRequiredMetaType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="Structure" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="detached"/>
+ <xsd:enumeration value="enveloping"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ <xsd:complexType name="TransformsInfoType">
+ <xsd:sequence>
+ <xsd:element ref="dsig:Transforms" minOccurs="0"/>
+ <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="XMLDataObjectAssociationType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+ <xsd:element name="Content" type="ContentRequiredRefType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="PDFSignedRepsonse">
+ <xsd:sequence>
+ <xsd:element name="SignatureID" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:choice maxOccurs="1">
+ <xsd:element name="PDFSignature" type="xsd:base64Binary">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung
+ erfolgreich war</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="ErrorResponse"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectOptionalMetaType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+ <xsd:element name="Content" type="CMSContentBaseType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectRequiredMetaType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType"/>
+ <xsd:element name="Content" type="CMSContentBaseType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSContentBaseType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentOptionalRefType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ </xsd:choice>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="FormResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="Name" type="xsd:string" minOccurs="1" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="IndicationResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="Name" type="xsd:string" minOccurs="1" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ExtendedCertificateCheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Major" type="IndicationResultType" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="Minor" type="IndicationResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ReferencesCheckResultType">
+ <xsd:complexContent>
+ <xsd:restriction base="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true">
+ <xsd:complexContent>
+ <xsd:restriction base="AnyChildrenType">
+ <xsd:sequence>
+ <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ManifestRefsCheckResultType">
+ <xsd:complexContent>
+ <xsd:restriction base="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true">
+ <xsd:complexContent>
+ <xsd:restriction base="AnyChildrenType">
+ <xsd:sequence>
+ <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <!--########## Error Response ### -->
+ <xsd:element name="ErrorResponse" type="ErrorResponseType">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung gescheitert
+ ist</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:complexType name="ErrorResponseType">
+ <xsd:sequence>
+ <xsd:element name="ErrorCode" type="xsd:integer"/>
+ <xsd:element name="Info" type="xsd:string"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Auxiliary Types ### -->
+ <xsd:simpleType name="KeyIdentifierType">
+ <xsd:restriction base="xsd:string"/>
+ </xsd:simpleType>
+ <xsd:simpleType name="KeyStorageType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="Software"/>
+ <xsd:enumeration value="Hardware"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="MimeTypeType">
+ <xsd:restriction base="xsd:token"/>
+ </xsd:simpleType>
+ <xsd:complexType name="AnyChildrenType" mixed="true">
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="XMLContentType" mixed="true">
+ <xsd:complexContent>
+ <xsd:extension base="AnyChildrenType">
+ <xsd:attribute ref="xml:space" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentBaseType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ <xsd:element name="LocRefContent" type="xsd:anyURI"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:complexType name="ContentExLocRefBaseType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentBaseType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ </xsd:choice>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentOptionalRefType">
+ <xsd:complexContent>
+ <xsd:extension base="ContentBaseType">
+ <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentRequiredRefType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentOptionalRefType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ <xsd:element name="LocRefContent" type="xsd:anyURI"/>
+ </xsd:choice>
+ <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyTransformsDataType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ein oder mehrere Transformationswege können von
+ der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur
+ hat zumindest einem dieser Transformationswege zu entsprechen. Die
+ Angabe kann explizit oder als Profilbezeichner erfolgen.
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="VerifyTransformsInfoProfile"/>
+ <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string">
+ <xsd:annotation>
+ <xsd:documentation>Profilbezeichner für einen Transformationsweg
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="QualifiedCertificate">
+ <xsd:complexType>
+ <xsd:attribute name="source" use="optional">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="TSL"/>
+ <xsd:enumeration value="Certificate"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="SecureSignatureCreationDevice">
+ <xsd:complexType>
+ <xsd:attribute name="source" use="optional">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="TSL"/>
+ <xsd:enumeration value="Certificate"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="IssuingCountry" type="xsd:token"/>
+ <xsd:element name="PublicAuthority" type="PublicAuthorityType"/>
+ <xsd:complexType name="PublicAuthorityType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:simpleType name="SignatoriesType">
+ <xsd:union memberTypes="AllSignatoriesType">
+ <xsd:simpleType>
+ <xsd:list itemType="xsd:positiveInteger"/>
+ </xsd:simpleType>
+ </xsd:union>
+ </xsd:simpleType>
+ <xsd:simpleType name="AllSignatoriesType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="all"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:complexType name="CreateSignatureLocationType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:token">
+ <xsd:attribute name="Index" type="xsd:integer" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="TransformParameterType">
+ <xsd:choice minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Die Angabe des Transformationsparameters
+ (explizit oder als Hashwert) kann unterlassen werden, wenn die
+ Applikation von der Unveränderlichkeit des Inhalts der in
+ "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen
+ kann.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="Base64Content" type="xsd:base64Binary">
+ <xsd:annotation>
+ <xsd:documentation>Der Transformationsparameter explizit angegeben.
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="Hash">
+ <xsd:annotation>
+ <xsd:documentation>Der Hashwert des Transformationsparameters.
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="dsig:DigestMethod"/>
+ <xsd:element ref="dsig:DigestValue"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:choice>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:element name="CreateSignatureEnvironmentProfile">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/>
+ <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyTransformsInfoProfile">
+ <xsd:annotation>
+ <xsd:documentation>Explizite Angabe des Transformationswegs
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="dsig:Transforms" minOccurs="0"/>
+ <xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Alle impliziten Transformationsparameter, die
+ zum Durchlaufen der oben angeführten Transformationskette
+ bekannt sein müssen, müssen hier angeführt werden. Das
+ Attribut "URI" bezeichnet den Transformationsparameter in exakt
+ jener Weise, wie er in der zu überprüfenden Signatur gebraucht
+ wird.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Supplement" type="XMLDataObjectAssociationType"/>
+ <xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/>
+ <xsd:element name="CreateTransformsInfoProfile">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/>
+ <xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+</xsd:schema>