aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--moaSig/common/src/main/java/at/gv/egovernment/moaspss/util/Constants.java2
-rw-r--r--moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.1.2.xsd841
-rw-r--r--moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java4
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java6
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java4
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java5
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java23
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java32
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java19
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java5
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java49
-rw-r--r--moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java2
-rw-r--r--moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl2
-rw-r--r--moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.1.2.xsd841
-rw-r--r--moaSig/moa-sig/src/main/webapp/schemas/MOA-SPSS-3.1.2.xsd841
-rw-r--r--release-infos/handbook/handbook/config/MOA-SPSS-config-3.0.0.xsd2
16 files changed, 2647 insertions, 31 deletions
diff --git a/moaSig/common/src/main/java/at/gv/egovernment/moaspss/util/Constants.java b/moaSig/common/src/main/java/at/gv/egovernment/moaspss/util/Constants.java
index 04ee88d..0065821 100644
--- a/moaSig/common/src/main/java/at/gv/egovernment/moaspss/util/Constants.java
+++ b/moaSig/common/src/main/java/at/gv/egovernment/moaspss/util/Constants.java
@@ -83,7 +83,7 @@ public interface Constants {
/** Local location of the MOA XML schema definition. */
public static final String MOA_SCHEMA_LOCATION =
- SCHEMA_ROOT + "MOA-SPSS-3.1.0.xsd";
+ SCHEMA_ROOT + "MOA-SPSS-3.1.2.xsd";
/** URI of the MOA configuration XML namespace. */
public static final String MOA_CONFIG_NS_URI =
diff --git a/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.1.2.xsd b/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.1.2.xsd
new file mode 100644
index 0000000..f8ad010
--- /dev/null
+++ b/moaSig/common/src/main/resources/resources/schemas/MOA-SPSS-3.1.2.xsd
@@ -0,0 +1,841 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- MOA SP/SS 2.0.0 Schema -->
+<xsd:schema xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2">
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
+ <!--########## Create CMS Signature ### -->
+ <!--### Create CMS Signature Request ### -->
+ <xsd:element name="CreateCMSSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CreateCMSSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="CreateCMSSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+ <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ermöglichung der Stapelsignatur durch
+ wiederholte Angabe dieses Elements</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="DataObjectInfo">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CMSDataObjectInfoType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
+ <xsd:attribute name="PAdESConformity" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create CMS Signature Response ### -->
+ <xsd:element name="CreateCMSSignatureResponse" type="CreateCMSSignatureResponseType"/>
+ <xsd:complexType name="CreateCMSSignatureResponseType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine
+ Stapelsignatur-Anfrage</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="CMSSignature" type="xsd:base64Binary">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung
+ erfolgreich war</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="ErrorResponse"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <!--########## Create XML Signature ### -->
+ <!--### Create XML Signature Request ### -->
+ <xsd:element name="CreateXMLSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CreateXMLSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="CreateXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+ <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ermöglichung der Stapelsignatur durch
+ wiederholte Angabe dieses Elements</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="DataObjectInfo" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="DataObjectInfoType">
+ <xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="CreateSignatureInfo" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/>
+ <xsd:choice>
+ <xsd:annotation>
+ <xsd:documentation>Auswahl: Entweder explizite Angabe des
+ Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit
+ der Signaturumgebung, oder Verweis auf ein benanntes Profil
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="CreateSignatureEnvironmentProfile"/>
+ <xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create XML Signature Response ### -->
+ <xsd:complexType name="CreateXMLSignatureResponseType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine
+ Stapelsignatur-Anfrage</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="SignatureEnvironment">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung
+ erfolgreich war</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="lax"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element ref="ErrorResponse"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/>
+ <!--########## Create PDF Signature ### -->
+ <!--### Create PDF Signature Request ### -->
+ <xsd:element name="CreatePDFSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CreatePDFSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="CreatePDFSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+ <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ermöglichung der Stapelsignatur durch
+ wiederholte Angabe dieses Elements</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="PDFDocument" type="xsd:base64Binary"/>
+ <xsd:element name="SignatureProfile" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignaturePosition" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureID" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create PDF Signature Response ### -->
+ <xsd:element name="CreatePDFSignatureResponse" type="CreatePDFSignatureResponseType"/>
+ <xsd:complexType name="CreatePDFSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="PDFSignature" type="PDFSignedRepsonse" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify CMS Signature ### -->
+ <!--### Verifiy CMS Signature Request ### -->
+ <xsd:element name="VerifyCMSSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="VerifyCMSSignatureRequestType">
+ <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="VerifyCMSSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+ <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
+ <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von
+ vertrauenswürdigen Wurzelzertifikaten spezifiziert
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify CMS Signature Response ### -->
+ <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/>
+ <xsd:complexType name="VerifyCMSSignatureResponseType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and RetrievalMethod is
+ supported; QualifiedCertificate is included as
+ X509Data/any;publicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SignatureAlgorithm" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyASICCMSSignatureResponseType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and RetrievalMethod is
+ supported; QualifiedCertificate is included as
+ X509Data/any;publicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any,
+ TSLInformation is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify PDF Signature ### -->
+ <!--### Verifiy PDF Signature Request ### -->
+ <xsd:element name="VerifyPDFSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="VerifyPDFSignatureRequestType">
+ <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="VerifyPDFSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+ <xsd:element name="PDFSignature" type="xsd:base64Binary"/>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von
+ vertrauenswürdigen Wurzelzertifikaten spezifiziert
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify PDF Signature ### -->
+ <!--### Verifiy ASIC Signature Request ### -->
+ <xsd:element name="VerifyASICSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="VerifyASICSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="VerifyASICSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+ <xsd:element name="ASICSignature" type="xsd:base64Binary"/>
+ <xsd:element name="ASICExtension" type="xsd:string">
+ <xsd:annotation>
+ <xsd:documentation>asics or asice</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von
+ vertrauenswürdigen Wurzelzertifikaten spezifiziert
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify ASIC Signature Response ### -->
+ <xsd:element name="VerifyASICSignatureResponse" type="VerifyASICSignatureResponseType"/>
+ <xsd:complexType name="VerifyASICSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="ASiCSignatureResult" type="ASICResultType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--xsd:complexType name="signedFilesType">
+ <xsd:sequence>
+ <xsd:element name="signedFiles" type="xsd:string">
+ </xsd:sequence>
+ <xsd:attribute name="hashAlgorithm" type="xsd:string" use="optional"/>
+ </xsd:complexType-->
+ <xsd:complexType name="ASICResultType">
+ <xsd:sequence>
+ <xsd:element name="signedFiles" minOccurs="0" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="hashAlgorithm" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="XMLSignatureResult" type="VerifyASICXMLSignatureResponseType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CMSSignatureResult" type="VerifyASICCMSSignatureResponseType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify CMS Signature Response ### -->
+ <xsd:element name="VerifyPDFSignatureResponse" type="VerifyPDFSignatureResponseType"/>
+ <xsd:complexType name="VerifyPDFSignatureResponseType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="SignatureResult" type="PDFSignatureResultType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="PDFSignatureResultType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and RetrievalMethod is
+ supported; QualifiedCertificate is included as
+ X509Data/any;publicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="SignatureAlgorithm" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureProperties" type="PDFSignatureProperties" minOccurs="0" maxOccurs="1" />
+ </xsd:sequence>
+ </xsd:complexType>
+
+ <xsd:complexType name="PDFSignatureProperties">
+ <xsd:sequence>
+ <xsd:element name="SignatureCoversFullPDF" type="xsd:boolean" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureByteRange" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+ <!--########## Verify XML Signature ### -->
+ <!--### Verify XML Signature Request ### -->
+ <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/>
+ <xsd:complexType name="VerifyXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+ <xsd:element name="VerifySignatureInfo">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/>
+ <xsd:element name="VerifySignatureLocation" type="xsd:token"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:choice minOccurs="0" maxOccurs="unbounded">
+ <xsd:element ref="SupplementProfile"/>
+ <xsd:element name="SupplementProfileID" type="xsd:string"/>
+ </xsd:choice>
+ <xsd:element name="SignatureManifestCheckParams" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Pro dsig:Reference-Element in der zu
+ überprüfenden XML-Signatur muss hier ein
+ ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen
+ ReferenceInfo Elemente entspricht jener der dsig:Reference
+ Elemente in der XML-Signatur.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ReturnHashInputData" minOccurs="0"/>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von
+ vertrauenswürdigen Wurzelzertifikaten spezifiziert
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify XML Signature Response ### -->
+ <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/>
+ <xsd:complexType name="VerifyXMLSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is
+ supported; QualifiedCertificate is included as X509Data/any;
+ PublicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="SignatureAlgorithm" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
+ <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
+ <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyASICXMLSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is
+ supported; QualifiedCertificate is included as X509Data/any;
+ PublicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
+ <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
+ <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:simpleType name="ProfileIdentifierType">
+ <xsd:restriction base="xsd:token"/>
+ </xsd:simpleType>
+ <xsd:complexType name="InputDataType">
+ <xsd:complexContent>
+ <xsd:extension base="ContentExLocRefBaseType">
+ <xsd:attribute name="PartOf" use="optional" default="SignedInfo">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="SignedInfo"/>
+ <xsd:enumeration value="XMLDSIGManifest"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/>
+ <xsd:attribute name="HashAlgorithm" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="MetaInfoType">
+ <xsd:sequence>
+ <xsd:element name="MimeType" type="MimeTypeType"/>
+ <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/>
+ <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="FinalDataMetaInfoType">
+ <xsd:complexContent>
+ <xsd:extension base="MetaInfoType">
+ <xsd:sequence>
+ <xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="DataObjectInfoType">
+ <xsd:sequence>
+ <xsd:element name="DataObject">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="ContentOptionalRefType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:choice>
+ <xsd:annotation>
+ <xsd:documentation>Auswahl: Entweder explizite Angabe EINER
+ Transformationskette inklusive ggf. sinnvoller Supplements oder
+ Verweis auf ein benanntes Profil</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="CreateTransformsInfoProfile"/>
+ <xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ <xsd:attribute name="Structure" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="detached"/>
+ <xsd:enumeration value="enveloping"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectInfoType">
+ <xsd:sequence>
+ <xsd:element name="DataObject">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CMSDataObjectRequiredMetaType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="Structure" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="detached"/>
+ <xsd:enumeration value="enveloping"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ <xsd:complexType name="TransformsInfoType">
+ <xsd:sequence>
+ <xsd:element ref="dsig:Transforms" minOccurs="0"/>
+ <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="XMLDataObjectAssociationType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+ <xsd:element name="Content" type="ContentRequiredRefType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="PDFSignedRepsonse">
+ <xsd:sequence>
+ <xsd:element name="SignatureID" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:choice maxOccurs="1">
+ <xsd:element name="PDFSignature" type="xsd:base64Binary">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung
+ erfolgreich war</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="ErrorResponse"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectOptionalMetaType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+ <xsd:element name="Content" type="CMSContentBaseType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectRequiredMetaType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType"/>
+ <xsd:element name="Content" type="CMSContentBaseType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSContentBaseType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentOptionalRefType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ </xsd:choice>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="FormResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="Name" type="xsd:string" minOccurs="1" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="IndicationResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="Name" type="xsd:string" minOccurs="1" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ExtendedCertificateCheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Major" type="IndicationResultType" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="Minor" type="IndicationResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ReferencesCheckResultType">
+ <xsd:complexContent>
+ <xsd:restriction base="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true">
+ <xsd:complexContent>
+ <xsd:restriction base="AnyChildrenType">
+ <xsd:sequence>
+ <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ManifestRefsCheckResultType">
+ <xsd:complexContent>
+ <xsd:restriction base="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true">
+ <xsd:complexContent>
+ <xsd:restriction base="AnyChildrenType">
+ <xsd:sequence>
+ <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <!--########## Error Response ### -->
+ <xsd:element name="ErrorResponse" type="ErrorResponseType">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung gescheitert
+ ist</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:complexType name="ErrorResponseType">
+ <xsd:sequence>
+ <xsd:element name="ErrorCode" type="xsd:integer"/>
+ <xsd:element name="Info" type="xsd:string"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Auxiliary Types ### -->
+ <xsd:simpleType name="KeyIdentifierType">
+ <xsd:restriction base="xsd:string"/>
+ </xsd:simpleType>
+ <xsd:simpleType name="KeyStorageType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="Software"/>
+ <xsd:enumeration value="Hardware"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="MimeTypeType">
+ <xsd:restriction base="xsd:token"/>
+ </xsd:simpleType>
+ <xsd:complexType name="AnyChildrenType" mixed="true">
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="XMLContentType" mixed="true">
+ <xsd:complexContent>
+ <xsd:extension base="AnyChildrenType">
+ <xsd:attribute ref="xml:space" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentBaseType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ <xsd:element name="LocRefContent" type="xsd:anyURI"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:complexType name="ContentExLocRefBaseType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentBaseType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ </xsd:choice>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentOptionalRefType">
+ <xsd:complexContent>
+ <xsd:extension base="ContentBaseType">
+ <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentRequiredRefType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentOptionalRefType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ <xsd:element name="LocRefContent" type="xsd:anyURI"/>
+ </xsd:choice>
+ <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyTransformsDataType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ein oder mehrere Transformationswege können von
+ der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur
+ hat zumindest einem dieser Transformationswege zu entsprechen. Die
+ Angabe kann explizit oder als Profilbezeichner erfolgen.
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="VerifyTransformsInfoProfile"/>
+ <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string">
+ <xsd:annotation>
+ <xsd:documentation>Profilbezeichner für einen Transformationsweg
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="QualifiedCertificate">
+ <xsd:complexType>
+ <xsd:attribute name="source" use="optional">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="TSL"/>
+ <xsd:enumeration value="Certificate"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="SecureSignatureCreationDevice">
+ <xsd:complexType>
+ <xsd:attribute name="source" use="optional">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="TSL"/>
+ <xsd:enumeration value="Certificate"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="IssuingCountry" type="xsd:token"/>
+ <xsd:element name="PublicAuthority" type="PublicAuthorityType"/>
+ <xsd:complexType name="PublicAuthorityType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:simpleType name="SignatoriesType">
+ <xsd:union memberTypes="AllSignatoriesType">
+ <xsd:simpleType>
+ <xsd:list itemType="xsd:positiveInteger"/>
+ </xsd:simpleType>
+ </xsd:union>
+ </xsd:simpleType>
+ <xsd:simpleType name="AllSignatoriesType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="all"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:complexType name="CreateSignatureLocationType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:token">
+ <xsd:attribute name="Index" type="xsd:integer" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="TransformParameterType">
+ <xsd:choice minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Die Angabe des Transformationsparameters
+ (explizit oder als Hashwert) kann unterlassen werden, wenn die
+ Applikation von der Unveränderlichkeit des Inhalts der in
+ "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen
+ kann.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="Base64Content" type="xsd:base64Binary">
+ <xsd:annotation>
+ <xsd:documentation>Der Transformationsparameter explizit angegeben.
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="Hash">
+ <xsd:annotation>
+ <xsd:documentation>Der Hashwert des Transformationsparameters.
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="dsig:DigestMethod"/>
+ <xsd:element ref="dsig:DigestValue"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:choice>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:element name="CreateSignatureEnvironmentProfile">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/>
+ <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyTransformsInfoProfile">
+ <xsd:annotation>
+ <xsd:documentation>Explizite Angabe des Transformationswegs
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="dsig:Transforms" minOccurs="0"/>
+ <xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Alle impliziten Transformationsparameter, die
+ zum Durchlaufen der oben angeführten Transformationskette
+ bekannt sein müssen, müssen hier angeführt werden. Das
+ Attribut "URI" bezeichnet den Transformationsparameter in exakt
+ jener Weise, wie er in der zu überprüfenden Signatur gebraucht
+ wird.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Supplement" type="XMLDataObjectAssociationType"/>
+ <xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/>
+ <xsd:element name="CreateTransformsInfoProfile">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/>
+ <xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+</xsd:schema>
diff --git a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java
index c227a9d..4dda99f 100644
--- a/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java
+++ b/moaSig/moa-asic/src/main/java/at/gv/egiz/asic/impl/verifier/ExtendedCAdESVerifier.java
@@ -151,7 +151,9 @@ public class ExtendedCAdESVerifier extends CAdESVerifier {
orig.getCertificateCheck(),
orig.getAdESFormResults(),
orig.getExtendedCertificateCheck(),
- orig.getSignatureAlgorithm());
+ orig.getSignatureAlgorithm(),
+ null,
+ null);
responseElements.add(responseElement);
}
VerifyCMSSignatureResponse verifyCMSSignatureResponse = SPSSFactory.getInstance().
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
index 36d5461..d7cd10c 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
@@ -566,7 +566,7 @@ public abstract class SPSSFactory {
* Create a new <code>VerifyCMSSignatureResponseElement</code> object.
*
* @param signerInfo Information about the signer certificate.
- * @param signatureCheck Result of the singature value check.
+ * @param signatureCheck Result of the signature value check.
* @param certificateCheck Result of the certificate status check.
* @return The new <code>VerifyCMSSignatureResponseElement</code> containing
* the above data.
@@ -581,7 +581,9 @@ public abstract class SPSSFactory {
CheckResult certificateCheck,
List adesResult,
ExtendedCertificateCheckResult extendedCertificateCheckResult,
- String usedAlgorithm);
+ String usedAlgorithm,
+ Boolean coversFullDocument,
+ int[] byteRangeOfSignature);
//
// Factory methods for verifying XML signatures
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java
index 38106e7..ec540bf 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureResponseElement.java
@@ -69,4 +69,8 @@ public interface VerifyCMSSignatureResponseElement {
public ExtendedCertificateCheckResult getExtendedCertificateCheck();
public String getSignatureAlgorithm();
+
+ public Boolean getCoversFullDocument();
+
+ public int[] getByteRangeOfSignature();
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
index d743f16..2525a2f 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
@@ -283,7 +283,8 @@ public class SPSSFactoryImpl extends SPSSFactory {
public VerifyCMSSignatureResponseElement createVerifyCMSSignatureResponseElement(SignerInfo signerInfo,
CheckResult signatureCheck, CheckResult certificateCheck, List adesResult,
- ExtendedCertificateCheckResult extendedCertificateCheckResult, String usedAlgorithm) {
+ ExtendedCertificateCheckResult extendedCertificateCheckResult, String usedAlgorithm, Boolean coversFullDocument,
+ int[] byteRangeOfSignature) {
VerifyCMSSignatureResponseElementImpl verifyCMSSignatureResponseElement = new VerifyCMSSignatureResponseElementImpl();
verifyCMSSignatureResponseElement.setSignerInfo(signerInfo);
verifyCMSSignatureResponseElement.setSignatureCheck(signatureCheck);
@@ -291,6 +292,8 @@ public class SPSSFactoryImpl extends SPSSFactory {
verifyCMSSignatureResponseElement.setAdESFormResults(adesResult);
verifyCMSSignatureResponseElement.setExtendedCertificateCheck(extendedCertificateCheckResult);
verifyCMSSignatureResponseElement.setSignatureAlgorithm(usedAlgorithm);
+ verifyCMSSignatureResponseElement.setCoversFullDocument(coversFullDocument);
+ verifyCMSSignatureResponseElement.setByteRangeOfSignature(byteRangeOfSignature);
return verifyCMSSignatureResponseElement;
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java
index 1d40627..3ea504b 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureResponseElementImpl.java
@@ -53,6 +53,10 @@ public class VerifyCMSSignatureResponseElementImpl
private String usedAlgorithm = null;
+ private Boolean coversFullDocument = null;
+
+ private int[] byteRangeOfSignature = null;
+
/**
* Sets a SignerInfo element according to CMS.
*
@@ -117,6 +121,25 @@ public class VerifyCMSSignatureResponseElementImpl
public void setSignatureAlgorithm(String usedAlgorithm) {
this.usedAlgorithm = usedAlgorithm;
}
+
+ @Override
+ public Boolean getCoversFullDocument() {
+ return coversFullDocument;
+ }
+
+ public void setCoversFullDocument(Boolean coversFullDocument) {
+ this.coversFullDocument = coversFullDocument;
+ }
+
+ @Override
+ public int[] getByteRangeOfSignature() {
+ return byteRangeOfSignature;
+ }
+
+ public void setByteRangeOfSignature(int[] byteRangeOfSignature) {
+ this.byteRangeOfSignature = byteRangeOfSignature;
+ }
+
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java
index a21e693..a7113fd 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java
@@ -38,6 +38,7 @@ import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
+import org.apache.commons.lang3.StringUtils;
import org.w3c.dom.DOMImplementation;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -399,6 +400,37 @@ public class ResponseBuilderUtils {
}
}
+ public static void addSignatureCoversFullPDF(Document response,
+ Element root,
+ Boolean coversFull) {
+ if( coversFull != null) {
+ Element extElem = response.createElementNS(MOA_NS_URI, "SignatureCoversFullPDF");
+ extElem.appendChild(response.createTextNode(String.valueOf(coversFull)));
+ root.appendChild(extElem);
+ }
+ }
+
+ public static void addSignatureByteRange(Document response,
+ Element root,
+ int[] byteRange) {
+ if(byteRange != null) {
+ String byteRangeTextual = StringUtils.EMPTY;
+ for (int el : byteRange)
+ byteRangeTextual += "," + String.valueOf(el);
+
+ Element extElem = response.createElementNS(MOA_NS_URI, "SignatureByteRange");
+ extElem.appendChild(response.createTextNode(byteRangeTextual.substring(1)));
+ root.appendChild(extElem);
+ }
+ }
+
+ public static Element createAndAddChildElement(Document response, Element root, String name) {
+ Element element = response.createElementNS(MOA_NS_URI, name);
+ root.appendChild(element);
+ return element;
+
+ }
+
public static void addHashAlgorithm(Document response,
Element root,
String algorithm) {
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java
index 8b10191..499f514 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java
@@ -129,11 +129,9 @@ public class VerifyPDFSignatureResponseBuilder {
}
-
ResponseBuilderUtils.addSignatureAlgorithm(responseDoc,
- responseElem,
- responseElement.getSignatureAlgorithm());
-
+ responseElem,
+ responseElement.getSignatureAlgorithm());
ResponseBuilderUtils.addCodeInfoElement(
responseDoc,
@@ -167,6 +165,19 @@ public class VerifyPDFSignatureResponseBuilder {
ResponseBuilderUtils.addExtendendResult(responseDoc, responseElem, responseElement.getExtendedCertificateCheck());
}
+
+ //add additional PDF signature properteis
+ if (responseElement.getCoversFullDocument() != null ||
+ responseElement.getByteRangeOfSignature() != null) {
+ Element pdfSigProps = ResponseBuilderUtils.createAndAddChildElement(responseDoc, responseElem, "SignatureProperties");
+ ResponseBuilderUtils.addSignatureCoversFullPDF(responseDoc,
+ pdfSigProps,
+ responseElement.getCoversFullDocument());
+ ResponseBuilderUtils.addSignatureByteRange(responseDoc,
+ pdfSigProps,
+ responseElement.getByteRangeOfSignature());
+ }
+
}
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
index b2c6717..74fa9ab 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
@@ -342,6 +342,8 @@ public class CMSSignatureVerificationInvoker {
PDFSignatureVerificationResult cmsResult = null;
List adesResults = null;
boolean extendedVerification = false;
+ Boolean coversFullDoc = null;
+ int[] sigByteRange = null;
ExtendedCertificateCheckResult extCheckResult = null;
if (resultObject instanceof ExtendedPDFSignatureVerificationResult) {
@@ -357,8 +359,7 @@ public class CMSSignatureVerificationInvoker {
Logger.debug("ADES Formresults: " + adesIterator.next().toString());
}
-
- cmsResult = result.getPDFSignatureVerificationResult();
+
try {
Logger.debug("Extended Validation Code: " + result.getResultCode().toString());
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
index 22bae71..2b2e2cf 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
@@ -132,23 +132,27 @@ public class VerifyCMSSignatureResponseBuilder {
certificateCheck,
adesResults,
extendedCertificateCheckResult,
- sigAlgName);
+ sigAlgName,
+ null,
+ null);
responseElements.add(responseElement);
}
- /**
- * Add a verification result to the response.
- *
- * @param result The result to add.
- * @param trustprofile The actual trustprofile
- * @param checkQCFromTSL <code>true</code>, if the TSL check verifies the
- * certificate as qualified, otherwise <code>false</code>.
- * @param checkSSCD <code>true</code>, if the TSL check verifies the
- * signature based on a SSDC, otherwise <code>false</code>.
- * @param sscdSourceTSL <code>true</code>, if the SSCD information comes from the TSL,
- * otherwise <code>false</code>.
- * @throws MOAException
- */
+/**
+ *
+ * @param result
+ * @param trustProfile
+ * @param checkQC
+ * @param qcSourceTSL
+ * @param checkSSCD
+ * @param sscdSourceTSL
+ * @param issuerCountryCode
+ * @param adesResults
+ * @param extendedCertificateCheckResult
+ * @param tslInfos
+ * @param extendedVerification
+ * @throws MOAException
+ */
public void addResult(PDFSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC, boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode, List adesResults,
ExtendedCertificateCheckResult extendedCertificateCheckResult, TslInfos tslInfos, boolean extendedVerification)
throws MOAException {
@@ -167,10 +171,17 @@ public class VerifyCMSSignatureResponseBuilder {
//add signature algorithm name in case of extended validation
String sigAlgName = null;
- if (extendedVerification)
- sigAlgName = result.getSignatureAlgorithmName();
-
+ Boolean coversFullDoc = null;
+ int[] sigByteRange = null;
+ if (extendedVerification) {
+ sigAlgName = result.getSignatureAlgorithmName();
+ coversFullDoc = result.byteRangeCoversWholeDocument();
+ sigByteRange = result.getByteRange();
+
+ }
+
+
//set code 99 if not certcheckresult exists
int certificateCheckCode = 99;
if (certResult != null) {
@@ -205,7 +216,9 @@ public class VerifyCMSSignatureResponseBuilder {
certificateCheck,
adesResults,
extendedCertificateCheckResult,
- sigAlgName);
+ sigAlgName,
+ coversFullDoc,
+ sigByteRange);
responseElements.add(responseElement);
}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java
index 5060672..738801c 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/AdESResultUtils.java
@@ -108,6 +108,8 @@ public class AdESResultUtils {
minorInfo = "UNKNOWN_COMMITMENT_TYPE";
} else if (resultCode.getCode().equals(ResultCode.SUCCESS)) {
minorInfo = "SUCCESS";
+ } else if (resultCode.getCode().equals(ResultCode.ERROR)) {
+ minorInfo = "ERROR";
} else if (resultCode.getCode().equals(ResultCode.UNKNOWN_SUBFILTER)) {
minorInfo = "UNKNOWN_SUBFILTER";
diff --git a/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl b/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl
index b0a7e3e..c94e597 100644
--- a/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl
+++ b/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-2.0.0.wsdl
@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<!-- Web Service Description for MOA SP/SS 1.4 -->
<definitions xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="MOA" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
- <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" location="../schemas/MOA-SPSS-3.1.1.xsd"/>
+ <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" location="../schemas/MOA-SPSS-3.1.2.xsd"/>
<message name="CreateCMSSignatureInput">
<part name="body" element="moa:CreateCMSSignatureRequest"/>
</message>
diff --git a/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.1.2.xsd b/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.1.2.xsd
new file mode 100644
index 0000000..f8ad010
--- /dev/null
+++ b/moaSig/moa-sig/src/main/resources/resources/schemas/MOA-SPSS-3.1.2.xsd
@@ -0,0 +1,841 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- MOA SP/SS 2.0.0 Schema -->
+<xsd:schema xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2">
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
+ <!--########## Create CMS Signature ### -->
+ <!--### Create CMS Signature Request ### -->
+ <xsd:element name="CreateCMSSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CreateCMSSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="CreateCMSSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+ <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ermöglichung der Stapelsignatur durch
+ wiederholte Angabe dieses Elements</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="DataObjectInfo">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CMSDataObjectInfoType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
+ <xsd:attribute name="PAdESConformity" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create CMS Signature Response ### -->
+ <xsd:element name="CreateCMSSignatureResponse" type="CreateCMSSignatureResponseType"/>
+ <xsd:complexType name="CreateCMSSignatureResponseType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine
+ Stapelsignatur-Anfrage</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="CMSSignature" type="xsd:base64Binary">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung
+ erfolgreich war</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="ErrorResponse"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <!--########## Create XML Signature ### -->
+ <!--### Create XML Signature Request ### -->
+ <xsd:element name="CreateXMLSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CreateXMLSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="CreateXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+ <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ermöglichung der Stapelsignatur durch
+ wiederholte Angabe dieses Elements</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="DataObjectInfo" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="DataObjectInfoType">
+ <xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="CreateSignatureInfo" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/>
+ <xsd:choice>
+ <xsd:annotation>
+ <xsd:documentation>Auswahl: Entweder explizite Angabe des
+ Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit
+ der Signaturumgebung, oder Verweis auf ein benanntes Profil
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="CreateSignatureEnvironmentProfile"/>
+ <xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create XML Signature Response ### -->
+ <xsd:complexType name="CreateXMLSignatureResponseType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine
+ Stapelsignatur-Anfrage</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="SignatureEnvironment">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung
+ erfolgreich war</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="lax"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element ref="ErrorResponse"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/>
+ <!--########## Create PDF Signature ### -->
+ <!--### Create PDF Signature Request ### -->
+ <xsd:element name="CreatePDFSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CreatePDFSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="CreatePDFSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+ <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ermöglichung der Stapelsignatur durch
+ wiederholte Angabe dieses Elements</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="PDFDocument" type="xsd:base64Binary"/>
+ <xsd:element name="SignatureProfile" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignaturePosition" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureID" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create PDF Signature Response ### -->
+ <xsd:element name="CreatePDFSignatureResponse" type="CreatePDFSignatureResponseType"/>
+ <xsd:complexType name="CreatePDFSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="PDFSignature" type="PDFSignedRepsonse" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify CMS Signature ### -->
+ <!--### Verifiy CMS Signature Request ### -->
+ <xsd:element name="VerifyCMSSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="VerifyCMSSignatureRequestType">
+ <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="VerifyCMSSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+ <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
+ <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von
+ vertrauenswürdigen Wurzelzertifikaten spezifiziert
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify CMS Signature Response ### -->
+ <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/>
+ <xsd:complexType name="VerifyCMSSignatureResponseType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and RetrievalMethod is
+ supported; QualifiedCertificate is included as
+ X509Data/any;publicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SignatureAlgorithm" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyASICCMSSignatureResponseType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and RetrievalMethod is
+ supported; QualifiedCertificate is included as
+ X509Data/any;publicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any,
+ TSLInformation is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify PDF Signature ### -->
+ <!--### Verifiy PDF Signature Request ### -->
+ <xsd:element name="VerifyPDFSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="VerifyPDFSignatureRequestType">
+ <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="VerifyPDFSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+ <xsd:element name="PDFSignature" type="xsd:base64Binary"/>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von
+ vertrauenswürdigen Wurzelzertifikaten spezifiziert
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify PDF Signature ### -->
+ <!--### Verifiy ASIC Signature Request ### -->
+ <xsd:element name="VerifyASICSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="VerifyASICSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="VerifyASICSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+ <xsd:element name="ASICSignature" type="xsd:base64Binary"/>
+ <xsd:element name="ASICExtension" type="xsd:string">
+ <xsd:annotation>
+ <xsd:documentation>asics or asice</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von
+ vertrauenswürdigen Wurzelzertifikaten spezifiziert
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify ASIC Signature Response ### -->
+ <xsd:element name="VerifyASICSignatureResponse" type="VerifyASICSignatureResponseType"/>
+ <xsd:complexType name="VerifyASICSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="ASiCSignatureResult" type="ASICResultType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--xsd:complexType name="signedFilesType">
+ <xsd:sequence>
+ <xsd:element name="signedFiles" type="xsd:string">
+ </xsd:sequence>
+ <xsd:attribute name="hashAlgorithm" type="xsd:string" use="optional"/>
+ </xsd:complexType-->
+ <xsd:complexType name="ASICResultType">
+ <xsd:sequence>
+ <xsd:element name="signedFiles" minOccurs="0" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="hashAlgorithm" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="XMLSignatureResult" type="VerifyASICXMLSignatureResponseType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CMSSignatureResult" type="VerifyASICCMSSignatureResponseType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify CMS Signature Response ### -->
+ <xsd:element name="VerifyPDFSignatureResponse" type="VerifyPDFSignatureResponseType"/>
+ <xsd:complexType name="VerifyPDFSignatureResponseType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="SignatureResult" type="PDFSignatureResultType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="PDFSignatureResultType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and RetrievalMethod is
+ supported; QualifiedCertificate is included as
+ X509Data/any;publicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="SignatureAlgorithm" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureProperties" type="PDFSignatureProperties" minOccurs="0" maxOccurs="1" />
+ </xsd:sequence>
+ </xsd:complexType>
+
+ <xsd:complexType name="PDFSignatureProperties">
+ <xsd:sequence>
+ <xsd:element name="SignatureCoversFullPDF" type="xsd:boolean" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureByteRange" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+ <!--########## Verify XML Signature ### -->
+ <!--### Verify XML Signature Request ### -->
+ <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/>
+ <xsd:complexType name="VerifyXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+ <xsd:element name="VerifySignatureInfo">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/>
+ <xsd:element name="VerifySignatureLocation" type="xsd:token"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:choice minOccurs="0" maxOccurs="unbounded">
+ <xsd:element ref="SupplementProfile"/>
+ <xsd:element name="SupplementProfileID" type="xsd:string"/>
+ </xsd:choice>
+ <xsd:element name="SignatureManifestCheckParams" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Pro dsig:Reference-Element in der zu
+ überprüfenden XML-Signatur muss hier ein
+ ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen
+ ReferenceInfo Elemente entspricht jener der dsig:Reference
+ Elemente in der XML-Signatur.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ReturnHashInputData" minOccurs="0"/>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von
+ vertrauenswürdigen Wurzelzertifikaten spezifiziert
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify XML Signature Response ### -->
+ <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/>
+ <xsd:complexType name="VerifyXMLSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is
+ supported; QualifiedCertificate is included as X509Data/any;
+ PublicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="SignatureAlgorithm" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
+ <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
+ <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyASICXMLSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is
+ supported; QualifiedCertificate is included as X509Data/any;
+ PublicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
+ <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
+ <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:simpleType name="ProfileIdentifierType">
+ <xsd:restriction base="xsd:token"/>
+ </xsd:simpleType>
+ <xsd:complexType name="InputDataType">
+ <xsd:complexContent>
+ <xsd:extension base="ContentExLocRefBaseType">
+ <xsd:attribute name="PartOf" use="optional" default="SignedInfo">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="SignedInfo"/>
+ <xsd:enumeration value="XMLDSIGManifest"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/>
+ <xsd:attribute name="HashAlgorithm" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="MetaInfoType">
+ <xsd:sequence>
+ <xsd:element name="MimeType" type="MimeTypeType"/>
+ <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/>
+ <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="FinalDataMetaInfoType">
+ <xsd:complexContent>
+ <xsd:extension base="MetaInfoType">
+ <xsd:sequence>
+ <xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="DataObjectInfoType">
+ <xsd:sequence>
+ <xsd:element name="DataObject">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="ContentOptionalRefType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:choice>
+ <xsd:annotation>
+ <xsd:documentation>Auswahl: Entweder explizite Angabe EINER
+ Transformationskette inklusive ggf. sinnvoller Supplements oder
+ Verweis auf ein benanntes Profil</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="CreateTransformsInfoProfile"/>
+ <xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ <xsd:attribute name="Structure" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="detached"/>
+ <xsd:enumeration value="enveloping"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectInfoType">
+ <xsd:sequence>
+ <xsd:element name="DataObject">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CMSDataObjectRequiredMetaType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="Structure" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="detached"/>
+ <xsd:enumeration value="enveloping"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ <xsd:complexType name="TransformsInfoType">
+ <xsd:sequence>
+ <xsd:element ref="dsig:Transforms" minOccurs="0"/>
+ <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="XMLDataObjectAssociationType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+ <xsd:element name="Content" type="ContentRequiredRefType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="PDFSignedRepsonse">
+ <xsd:sequence>
+ <xsd:element name="SignatureID" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:choice maxOccurs="1">
+ <xsd:element name="PDFSignature" type="xsd:base64Binary">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung
+ erfolgreich war</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="ErrorResponse"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectOptionalMetaType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+ <xsd:element name="Content" type="CMSContentBaseType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectRequiredMetaType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType"/>
+ <xsd:element name="Content" type="CMSContentBaseType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSContentBaseType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentOptionalRefType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ </xsd:choice>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="FormResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="Name" type="xsd:string" minOccurs="1" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="IndicationResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="Name" type="xsd:string" minOccurs="1" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ExtendedCertificateCheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Major" type="IndicationResultType" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="Minor" type="IndicationResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ReferencesCheckResultType">
+ <xsd:complexContent>
+ <xsd:restriction base="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true">
+ <xsd:complexContent>
+ <xsd:restriction base="AnyChildrenType">
+ <xsd:sequence>
+ <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ManifestRefsCheckResultType">
+ <xsd:complexContent>
+ <xsd:restriction base="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true">
+ <xsd:complexContent>
+ <xsd:restriction base="AnyChildrenType">
+ <xsd:sequence>
+ <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <!--########## Error Response ### -->
+ <xsd:element name="ErrorResponse" type="ErrorResponseType">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung gescheitert
+ ist</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:complexType name="ErrorResponseType">
+ <xsd:sequence>
+ <xsd:element name="ErrorCode" type="xsd:integer"/>
+ <xsd:element name="Info" type="xsd:string"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Auxiliary Types ### -->
+ <xsd:simpleType name="KeyIdentifierType">
+ <xsd:restriction base="xsd:string"/>
+ </xsd:simpleType>
+ <xsd:simpleType name="KeyStorageType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="Software"/>
+ <xsd:enumeration value="Hardware"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="MimeTypeType">
+ <xsd:restriction base="xsd:token"/>
+ </xsd:simpleType>
+ <xsd:complexType name="AnyChildrenType" mixed="true">
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="XMLContentType" mixed="true">
+ <xsd:complexContent>
+ <xsd:extension base="AnyChildrenType">
+ <xsd:attribute ref="xml:space" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentBaseType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ <xsd:element name="LocRefContent" type="xsd:anyURI"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:complexType name="ContentExLocRefBaseType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentBaseType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ </xsd:choice>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentOptionalRefType">
+ <xsd:complexContent>
+ <xsd:extension base="ContentBaseType">
+ <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentRequiredRefType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentOptionalRefType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ <xsd:element name="LocRefContent" type="xsd:anyURI"/>
+ </xsd:choice>
+ <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyTransformsDataType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ein oder mehrere Transformationswege können von
+ der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur
+ hat zumindest einem dieser Transformationswege zu entsprechen. Die
+ Angabe kann explizit oder als Profilbezeichner erfolgen.
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="VerifyTransformsInfoProfile"/>
+ <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string">
+ <xsd:annotation>
+ <xsd:documentation>Profilbezeichner für einen Transformationsweg
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="QualifiedCertificate">
+ <xsd:complexType>
+ <xsd:attribute name="source" use="optional">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="TSL"/>
+ <xsd:enumeration value="Certificate"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="SecureSignatureCreationDevice">
+ <xsd:complexType>
+ <xsd:attribute name="source" use="optional">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="TSL"/>
+ <xsd:enumeration value="Certificate"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="IssuingCountry" type="xsd:token"/>
+ <xsd:element name="PublicAuthority" type="PublicAuthorityType"/>
+ <xsd:complexType name="PublicAuthorityType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:simpleType name="SignatoriesType">
+ <xsd:union memberTypes="AllSignatoriesType">
+ <xsd:simpleType>
+ <xsd:list itemType="xsd:positiveInteger"/>
+ </xsd:simpleType>
+ </xsd:union>
+ </xsd:simpleType>
+ <xsd:simpleType name="AllSignatoriesType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="all"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:complexType name="CreateSignatureLocationType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:token">
+ <xsd:attribute name="Index" type="xsd:integer" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="TransformParameterType">
+ <xsd:choice minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Die Angabe des Transformationsparameters
+ (explizit oder als Hashwert) kann unterlassen werden, wenn die
+ Applikation von der Unveränderlichkeit des Inhalts der in
+ "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen
+ kann.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="Base64Content" type="xsd:base64Binary">
+ <xsd:annotation>
+ <xsd:documentation>Der Transformationsparameter explizit angegeben.
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="Hash">
+ <xsd:annotation>
+ <xsd:documentation>Der Hashwert des Transformationsparameters.
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="dsig:DigestMethod"/>
+ <xsd:element ref="dsig:DigestValue"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:choice>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:element name="CreateSignatureEnvironmentProfile">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/>
+ <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyTransformsInfoProfile">
+ <xsd:annotation>
+ <xsd:documentation>Explizite Angabe des Transformationswegs
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="dsig:Transforms" minOccurs="0"/>
+ <xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Alle impliziten Transformationsparameter, die
+ zum Durchlaufen der oben angeführten Transformationskette
+ bekannt sein müssen, müssen hier angeführt werden. Das
+ Attribut "URI" bezeichnet den Transformationsparameter in exakt
+ jener Weise, wie er in der zu überprüfenden Signatur gebraucht
+ wird.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Supplement" type="XMLDataObjectAssociationType"/>
+ <xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/>
+ <xsd:element name="CreateTransformsInfoProfile">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/>
+ <xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+</xsd:schema>
diff --git a/moaSig/moa-sig/src/main/webapp/schemas/MOA-SPSS-3.1.2.xsd b/moaSig/moa-sig/src/main/webapp/schemas/MOA-SPSS-3.1.2.xsd
new file mode 100644
index 0000000..f8ad010
--- /dev/null
+++ b/moaSig/moa-sig/src/main/webapp/schemas/MOA-SPSS-3.1.2.xsd
@@ -0,0 +1,841 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- MOA SP/SS 2.0.0 Schema -->
+<xsd:schema xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2">
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
+ <!--########## Create CMS Signature ### -->
+ <!--### Create CMS Signature Request ### -->
+ <xsd:element name="CreateCMSSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CreateCMSSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="CreateCMSSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+ <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ermöglichung der Stapelsignatur durch
+ wiederholte Angabe dieses Elements</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="DataObjectInfo">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CMSDataObjectInfoType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
+ <xsd:attribute name="PAdESConformity" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create CMS Signature Response ### -->
+ <xsd:element name="CreateCMSSignatureResponse" type="CreateCMSSignatureResponseType"/>
+ <xsd:complexType name="CreateCMSSignatureResponseType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine
+ Stapelsignatur-Anfrage</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="CMSSignature" type="xsd:base64Binary">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung
+ erfolgreich war</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="ErrorResponse"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <!--########## Create XML Signature ### -->
+ <!--### Create XML Signature Request ### -->
+ <xsd:element name="CreateXMLSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CreateXMLSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="CreateXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+ <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ermöglichung der Stapelsignatur durch
+ wiederholte Angabe dieses Elements</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="DataObjectInfo" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="DataObjectInfoType">
+ <xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="CreateSignatureInfo" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/>
+ <xsd:choice>
+ <xsd:annotation>
+ <xsd:documentation>Auswahl: Entweder explizite Angabe des
+ Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit
+ der Signaturumgebung, oder Verweis auf ein benanntes Profil
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="CreateSignatureEnvironmentProfile"/>
+ <xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create XML Signature Response ### -->
+ <xsd:complexType name="CreateXMLSignatureResponseType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine
+ Stapelsignatur-Anfrage</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="SignatureEnvironment">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung
+ erfolgreich war</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="lax"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element ref="ErrorResponse"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/>
+ <!--########## Create PDF Signature ### -->
+ <!--### Create PDF Signature Request ### -->
+ <xsd:element name="CreatePDFSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CreatePDFSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="CreatePDFSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+ <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ermöglichung der Stapelsignatur durch
+ wiederholte Angabe dieses Elements</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="PDFDocument" type="xsd:base64Binary"/>
+ <xsd:element name="SignatureProfile" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignaturePosition" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureID" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create PDF Signature Response ### -->
+ <xsd:element name="CreatePDFSignatureResponse" type="CreatePDFSignatureResponseType"/>
+ <xsd:complexType name="CreatePDFSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="PDFSignature" type="PDFSignedRepsonse" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify CMS Signature ### -->
+ <!--### Verifiy CMS Signature Request ### -->
+ <xsd:element name="VerifyCMSSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="VerifyCMSSignatureRequestType">
+ <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="VerifyCMSSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+ <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
+ <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von
+ vertrauenswürdigen Wurzelzertifikaten spezifiziert
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify CMS Signature Response ### -->
+ <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/>
+ <xsd:complexType name="VerifyCMSSignatureResponseType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and RetrievalMethod is
+ supported; QualifiedCertificate is included as
+ X509Data/any;publicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SignatureAlgorithm" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyASICCMSSignatureResponseType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and RetrievalMethod is
+ supported; QualifiedCertificate is included as
+ X509Data/any;publicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any,
+ TSLInformation is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify PDF Signature ### -->
+ <!--### Verifiy PDF Signature Request ### -->
+ <xsd:element name="VerifyPDFSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="VerifyPDFSignatureRequestType">
+ <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="VerifyPDFSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+ <xsd:element name="PDFSignature" type="xsd:base64Binary"/>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von
+ vertrauenswürdigen Wurzelzertifikaten spezifiziert
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify PDF Signature ### -->
+ <!--### Verifiy ASIC Signature Request ### -->
+ <xsd:element name="VerifyASICSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="VerifyASICSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="VerifyASICSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+ <xsd:element name="ASICSignature" type="xsd:base64Binary"/>
+ <xsd:element name="ASICExtension" type="xsd:string">
+ <xsd:annotation>
+ <xsd:documentation>asics or asice</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von
+ vertrauenswürdigen Wurzelzertifikaten spezifiziert
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify ASIC Signature Response ### -->
+ <xsd:element name="VerifyASICSignatureResponse" type="VerifyASICSignatureResponseType"/>
+ <xsd:complexType name="VerifyASICSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="ASiCSignatureResult" type="ASICResultType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--xsd:complexType name="signedFilesType">
+ <xsd:sequence>
+ <xsd:element name="signedFiles" type="xsd:string">
+ </xsd:sequence>
+ <xsd:attribute name="hashAlgorithm" type="xsd:string" use="optional"/>
+ </xsd:complexType-->
+ <xsd:complexType name="ASICResultType">
+ <xsd:sequence>
+ <xsd:element name="signedFiles" minOccurs="0" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:string">
+ <xsd:attribute name="hashAlgorithm" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="XMLSignatureResult" type="VerifyASICXMLSignatureResponseType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CMSSignatureResult" type="VerifyASICCMSSignatureResponseType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify CMS Signature Response ### -->
+ <xsd:element name="VerifyPDFSignatureResponse" type="VerifyPDFSignatureResponseType"/>
+ <xsd:complexType name="VerifyPDFSignatureResponseType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="SignatureResult" type="PDFSignatureResultType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="PDFSignatureResultType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType" minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and RetrievalMethod is
+ supported; QualifiedCertificate is included as
+ X509Data/any;publicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="SignatureAlgorithm" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureProperties" type="PDFSignatureProperties" minOccurs="0" maxOccurs="1" />
+ </xsd:sequence>
+ </xsd:complexType>
+
+ <xsd:complexType name="PDFSignatureProperties">
+ <xsd:sequence>
+ <xsd:element name="SignatureCoversFullPDF" type="xsd:boolean" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureByteRange" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+
+ <!--########## Verify XML Signature ### -->
+ <!--### Verify XML Signature Request ### -->
+ <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/>
+ <xsd:complexType name="VerifyXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="ExtendedValidation" type="xsd:boolean" default="false" minOccurs="0"/>
+ <xsd:element name="VerifySignatureInfo">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/>
+ <xsd:element name="VerifySignatureLocation" type="xsd:token"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:choice minOccurs="0" maxOccurs="unbounded">
+ <xsd:element ref="SupplementProfile"/>
+ <xsd:element name="SupplementProfileID" type="xsd:string"/>
+ </xsd:choice>
+ <xsd:element name="SignatureManifestCheckParams" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Pro dsig:Reference-Element in der zu
+ überprüfenden XML-Signatur muss hier ein
+ ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen
+ ReferenceInfo Elemente entspricht jener der dsig:Reference
+ Elemente in der XML-Signatur.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ReturnHashInputData" minOccurs="0"/>
+ <xsd:element name="TrustProfileID" type="xsd:token">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von
+ vertrauenswürdigen Wurzelzertifikaten spezifiziert
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify XML Signature Response ### -->
+ <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/>
+ <xsd:complexType name="VerifyXMLSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is
+ supported; QualifiedCertificate is included as X509Data/any;
+ PublicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="SignatureAlgorithm" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
+ <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
+ <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyASICXMLSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is
+ supported; QualifiedCertificate is included as X509Data/any;
+ PublicAuthority is included as X509Data/any;
+ SecureSignatureCreationDevice is included as X509Data/any,
+ IssuingCountry is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SigningTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="HashInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferenceInputData" type="InputDataType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
+ <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
+ <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ <xsd:element name="FormCheckResult" type="FormResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ExtendedCertificateCheck" type="ExtendedCertificateCheckResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:simpleType name="ProfileIdentifierType">
+ <xsd:restriction base="xsd:token"/>
+ </xsd:simpleType>
+ <xsd:complexType name="InputDataType">
+ <xsd:complexContent>
+ <xsd:extension base="ContentExLocRefBaseType">
+ <xsd:attribute name="PartOf" use="optional" default="SignedInfo">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="SignedInfo"/>
+ <xsd:enumeration value="XMLDSIGManifest"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ <xsd:attribute name="ReferringSigReference" type="xsd:nonNegativeInteger" use="optional"/>
+ <xsd:attribute name="HashAlgorithm" type="xsd:string" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="MetaInfoType">
+ <xsd:sequence>
+ <xsd:element name="MimeType" type="MimeTypeType"/>
+ <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/>
+ <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="FinalDataMetaInfoType">
+ <xsd:complexContent>
+ <xsd:extension base="MetaInfoType">
+ <xsd:sequence>
+ <xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="DataObjectInfoType">
+ <xsd:sequence>
+ <xsd:element name="DataObject">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="ContentOptionalRefType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:choice>
+ <xsd:annotation>
+ <xsd:documentation>Auswahl: Entweder explizite Angabe EINER
+ Transformationskette inklusive ggf. sinnvoller Supplements oder
+ Verweis auf ein benanntes Profil</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="CreateTransformsInfoProfile"/>
+ <xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ <xsd:attribute name="Structure" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="detached"/>
+ <xsd:enumeration value="enveloping"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectInfoType">
+ <xsd:sequence>
+ <xsd:element name="DataObject">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CMSDataObjectRequiredMetaType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="Structure" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="detached"/>
+ <xsd:enumeration value="enveloping"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ <xsd:complexType name="TransformsInfoType">
+ <xsd:sequence>
+ <xsd:element ref="dsig:Transforms" minOccurs="0"/>
+ <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="XMLDataObjectAssociationType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+ <xsd:element name="Content" type="ContentRequiredRefType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="PDFSignedRepsonse">
+ <xsd:sequence>
+ <xsd:element name="SignatureID" type="xsd:string" minOccurs="0" maxOccurs="1"/>
+ <xsd:choice maxOccurs="1">
+ <xsd:element name="PDFSignature" type="xsd:base64Binary">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung
+ erfolgreich war</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element ref="ErrorResponse"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectOptionalMetaType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+ <xsd:element name="Content" type="CMSContentBaseType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectRequiredMetaType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType"/>
+ <xsd:element name="Content" type="CMSContentBaseType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSContentBaseType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentOptionalRefType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ </xsd:choice>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="FormResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="Name" type="xsd:string" minOccurs="1" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="IndicationResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="Name" type="xsd:string" minOccurs="1" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ExtendedCertificateCheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Major" type="IndicationResultType" minOccurs="1" maxOccurs="1"/>
+ <xsd:element name="Minor" type="IndicationResultType" minOccurs="0" maxOccurs="1"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ReferencesCheckResultType">
+ <xsd:complexContent>
+ <xsd:restriction base="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true">
+ <xsd:complexContent>
+ <xsd:restriction base="AnyChildrenType">
+ <xsd:sequence>
+ <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ManifestRefsCheckResultType">
+ <xsd:complexContent>
+ <xsd:restriction base="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true">
+ <xsd:complexContent>
+ <xsd:restriction base="AnyChildrenType">
+ <xsd:sequence>
+ <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <!--########## Error Response ### -->
+ <xsd:element name="ErrorResponse" type="ErrorResponseType">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung gescheitert
+ ist</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:complexType name="ErrorResponseType">
+ <xsd:sequence>
+ <xsd:element name="ErrorCode" type="xsd:integer"/>
+ <xsd:element name="Info" type="xsd:string"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Auxiliary Types ### -->
+ <xsd:simpleType name="KeyIdentifierType">
+ <xsd:restriction base="xsd:string"/>
+ </xsd:simpleType>
+ <xsd:simpleType name="KeyStorageType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="Software"/>
+ <xsd:enumeration value="Hardware"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="MimeTypeType">
+ <xsd:restriction base="xsd:token"/>
+ </xsd:simpleType>
+ <xsd:complexType name="AnyChildrenType" mixed="true">
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="XMLContentType" mixed="true">
+ <xsd:complexContent>
+ <xsd:extension base="AnyChildrenType">
+ <xsd:attribute ref="xml:space" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentBaseType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ <xsd:element name="LocRefContent" type="xsd:anyURI"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:complexType name="ContentExLocRefBaseType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentBaseType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ </xsd:choice>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentOptionalRefType">
+ <xsd:complexContent>
+ <xsd:extension base="ContentBaseType">
+ <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentRequiredRefType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentOptionalRefType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ <xsd:element name="LocRefContent" type="xsd:anyURI"/>
+ </xsd:choice>
+ <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyTransformsDataType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ein oder mehrere Transformationswege können von
+ der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur
+ hat zumindest einem dieser Transformationswege zu entsprechen. Die
+ Angabe kann explizit oder als Profilbezeichner erfolgen.
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="VerifyTransformsInfoProfile"/>
+ <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string">
+ <xsd:annotation>
+ <xsd:documentation>Profilbezeichner für einen Transformationsweg
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="QualifiedCertificate">
+ <xsd:complexType>
+ <xsd:attribute name="source" use="optional">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="TSL"/>
+ <xsd:enumeration value="Certificate"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="SecureSignatureCreationDevice">
+ <xsd:complexType>
+ <xsd:attribute name="source" use="optional">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:token">
+ <xsd:enumeration value="TSL"/>
+ <xsd:enumeration value="Certificate"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="IssuingCountry" type="xsd:token"/>
+ <xsd:element name="PublicAuthority" type="PublicAuthorityType"/>
+ <xsd:complexType name="PublicAuthorityType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:simpleType name="SignatoriesType">
+ <xsd:union memberTypes="AllSignatoriesType">
+ <xsd:simpleType>
+ <xsd:list itemType="xsd:positiveInteger"/>
+ </xsd:simpleType>
+ </xsd:union>
+ </xsd:simpleType>
+ <xsd:simpleType name="AllSignatoriesType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="all"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:complexType name="CreateSignatureLocationType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:token">
+ <xsd:attribute name="Index" type="xsd:integer" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="TransformParameterType">
+ <xsd:choice minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Die Angabe des Transformationsparameters
+ (explizit oder als Hashwert) kann unterlassen werden, wenn die
+ Applikation von der Unveränderlichkeit des Inhalts der in
+ "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen
+ kann.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="Base64Content" type="xsd:base64Binary">
+ <xsd:annotation>
+ <xsd:documentation>Der Transformationsparameter explizit angegeben.
+ </xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="Hash">
+ <xsd:annotation>
+ <xsd:documentation>Der Hashwert des Transformationsparameters.
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="dsig:DigestMethod"/>
+ <xsd:element ref="dsig:DigestValue"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:choice>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:element name="CreateSignatureEnvironmentProfile">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/>
+ <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyTransformsInfoProfile">
+ <xsd:annotation>
+ <xsd:documentation>Explizite Angabe des Transformationswegs
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="dsig:Transforms" minOccurs="0"/>
+ <xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Alle impliziten Transformationsparameter, die
+ zum Durchlaufen der oben angeführten Transformationskette
+ bekannt sein müssen, müssen hier angeführt werden. Das
+ Attribut "URI" bezeichnet den Transformationsparameter in exakt
+ jener Weise, wie er in der zu überprüfenden Signatur gebraucht
+ wird.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Supplement" type="XMLDataObjectAssociationType"/>
+ <xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/>
+ <xsd:element name="CreateTransformsInfoProfile">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/>
+ <xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+</xsd:schema>
diff --git a/release-infos/handbook/handbook/config/MOA-SPSS-config-3.0.0.xsd b/release-infos/handbook/handbook/config/MOA-SPSS-config-3.0.0.xsd
index 18e3a74..c9739d3 100644
--- a/release-infos/handbook/handbook/config/MOA-SPSS-config-3.0.0.xsd
+++ b/release-infos/handbook/handbook/config/MOA-SPSS-config-3.0.0.xsd
@@ -140,12 +140,12 @@
<xs:element name="CertificateValidation">
<xs:complexType>
<xs:sequence>
- <xs:element name="ConnectionTimeout" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="ReadTimeout" type="xs:string" minOccurs="0" maxOccurs="1"/>
<xs:element name="PathConstruction">
<xs:complexType>
<xs:sequence>
<xs:element name="AutoAddCertificates" type="xs:boolean"/>
+ <xs:element name="AutoAddEECertificates" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
<xs:element name="UseAuthorityInformationAccess" type="xs:boolean"/>
<xs:element name="CertificateStore">
<xs:complexType>