From 84293bd12f63b59852026cab02035fc9ebee626a Mon Sep 17 00:00:00 2001
From: Andreas Fitzek <andreas.fitzek@iaik.tugraz.at>
Date: Mon, 14 Mar 2016 16:29:03 +0100
Subject: A lot of moa sig stuff

---
 .../at/gv/egovernment/moa/spss/MOAException.java   |    4 +-
 .../egovernment/moa/spss/MOARuntimeException.java  |    2 +-
 .../gv/egovernment/moa/spss/api/Configurator.java  |    2 +-
 .../gv/egovernment/moa/spss/api/SPSSFactory.java   |   68 +-
 .../moa/spss/api/SignatureCreationService.java     |    2 +-
 .../moa/spss/api/SignatureVerificationService.java |    2 +-
 .../api/cmsverify/VerifyCMSSignatureRequest.java   |    1 +
 .../spss/api/common/CanonicalizationTransform.java |    2 +-
 .../common/ExclusiveCanonicalizationTransform.java |    2 +-
 .../moa/spss/api/impl/SPSSFactoryImpl.java         | 1041 +++++++++-----------
 .../api/impl/VerifyCMSSignatureRequestImpl.java    |    9 +
 .../api/impl/VerifyXMLSignatureRequestImpl.java    |  204 ++--
 .../xmlbind/CreateCMSSignatureRequestParser.java   |   10 +-
 .../xmlbind/CreateCMSSignatureResponseBuilder.java |    4 +-
 .../xmlbind/CreateXMLSignatureRequestParser.java   |    9 +-
 .../xmlbind/CreateXMLSignatureResponseBuilder.java |    3 +-
 .../moa/spss/api/xmlbind/ProfileParser.java        |    9 +-
 .../moa/spss/api/xmlbind/RequestParserUtils.java   |  299 +++---
 .../moa/spss/api/xmlbind/ResponseBuilderUtils.java |    6 +-
 .../moa/spss/api/xmlbind/TransformParser.java      |    7 +-
 .../xmlbind/VerifyCMSSignatureRequestParser.java   |   56 +-
 .../xmlbind/VerifyCMSSignatureResponseBuilder.java |   18 +-
 .../xmlbind/VerifyPDFSignatureResponseBuilder.java |  145 +++
 .../xmlbind/VerifyXMLSignatureRequestParser.java   |  415 ++++----
 .../xmlbind/VerifyXMLSignatureResponseBuilder.java |   25 +-
 .../api/xmlverify/VerifyXMLSignatureRequest.java   |    8 +
 .../spss/server/config/CRLDistributionPoint.java   |    5 +-
 .../server/config/ConfigurationPartsBuilder.java   |   70 +-
 .../spss/server/config/ConfigurationProvider.java  |   23 +-
 .../cmssign/CMSSignatureCreationProfileImpl.java   |    2 +-
 .../PDFSignatureVerificationProfileImpl.java       |    2 +-
 .../moa/spss/server/iaik/config/CRLRetriever.java  |   18 +-
 .../spss/server/iaik/config/IaikConfigurator.java  |    4 +-
 .../spss/server/iaik/config/LoggerConfigImpl.java  |    3 +-
 .../server/iaik/config/PKIConfigurationImpl.java   |   10 +-
 .../iaik/config/RevocationConfigurationImpl.java   |    3 +-
 .../config/SoftwareKeyModuleConfigurationImpl.java |    6 +-
 .../server/iaik/xml/XSLTTransformationImpl.java    |   26 +-
 .../xmlsign/XMLSignatureCreationProfileImpl.java   |    2 +-
 .../moa/spss/server/init/SystemInitializer.java    |   28 +-
 .../server/invoke/CMSSignatureCreationInvoker.java |    6 +-
 .../invoke/CMSSignatureVerificationInvoker.java    |  755 +++++++-------
 .../CMSSignatureVerificationProfileFactory.java    |    3 +-
 .../moa/spss/server/invoke/DataObjectFactory.java  |   18 +-
 .../moa/spss/server/invoke/InvokerUtils.java       |    5 +-
 .../spss/server/invoke/ServiceContextUtils.java    |    5 +-
 .../invoke/VerifyCMSSignatureResponseBuilder.java  |   60 +-
 .../invoke/VerifyXMLSignatureResponseBuilder.java  |    6 +-
 .../server/invoke/XMLSignatureCreationInvoker.java |   10 +-
 .../invoke/XMLSignatureCreationProfileFactory.java |    6 +-
 .../invoke/XMLSignatureVerificationInvoker.java    |   48 +-
 .../moa/spss/server/logging/IaikLogFactory.java    |    3 +-
 .../server/service/RevocationArchiveCleaner.java   |    4 +-
 .../server/transaction/TransactionContext.java     |    2 +-
 .../moa/spss/tsl/config/Configurator.java          |    4 +-
 .../moa/spss/tsl/connector/MOATSLVerifier.java     |  265 +++++
 .../moa/spss/tsl/connector/MOATslKeySelector.java  |  123 +++
 .../moa/spss/tsl/connector/TSLConnector.java       |   12 +-
 .../moa/spss/tsl/timer/TSLUpdaterTimerTask.java    |    6 +-
 .../spss/tsl/utils/TSLEUImportFromFileContext.java |   12 +-
 .../moa/spss/tsl/utils/TSLEvaluationContext.java   |    4 +-
 .../spss/tsl/utils/TSLImportFromFileContext.java   |   27 +-
 .../moa/spss/util/CertificateUtils.java            |    4 +-
 .../moa/spss/util/ExternalURIVerifier.java         |    4 +-
 .../moa/spss/util/MOASPSSEntityResolver.java       |    6 +-
 .../egovernment/moa/spss/util/MessageProvider.java |    2 +-
 .../moa/spss/util/ResetableInputStreamWrapper.java |   59 ++
 67 files changed, 2456 insertions(+), 1558 deletions(-)
 create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java
 create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/MOATSLVerifier.java
 create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/MOATslKeySelector.java
 create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/ResetableInputStreamWrapper.java

(limited to 'moaSig/moa-sig-lib/src/main/java')

diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOAException.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOAException.java
index 803f3fd..bf7f9af 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOAException.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOAException.java
@@ -34,10 +34,8 @@ import org.w3c.dom.DOMImplementation;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
-import at.gv.egovernment.moa.util.Constants;
-
-
 import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moaspss.util.Constants;
 
 /**
  * Base class of MOA specific exceptions.
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOARuntimeException.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOARuntimeException.java
index a3c8565..3a65c48 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOARuntimeException.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/MOARuntimeException.java
@@ -35,7 +35,7 @@ import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
 import at.gv.egovernment.moa.spss.util.MessageProvider;
-import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moaspss.util.Constants;
 
 /**
  * Base class of MOA specific runtime exceptions.
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/Configurator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/Configurator.java
index 6cbdf7d..59db7b5 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/Configurator.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/Configurator.java
@@ -52,7 +52,7 @@ public abstract class Configurator {
           (Configurator) discover.newInstance(
             Configurator.class,
             DEFAULT_IMPLEMENTATION);*/
-        return new ConfiguratorImpl();
+    	instance = new ConfiguratorImpl();
       } catch (Exception e) {
         // this can not happen since we provide a valid default 
         // implementation
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
index d216569..c6a750e 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SPSSFactory.java
@@ -109,7 +109,7 @@ public abstract class SPSSFactory {
           (SPSSFactory) discover.newInstance(
             SPSSFactory.class,
             DEFAULT_IMPLEMENTATION);*/
-        return new SPSSFactoryImpl();
+        instance = new SPSSFactoryImpl();
       } catch (Exception e) {
         // this can not happen since we provide a valid default 
         // implementation
@@ -469,6 +469,37 @@ public abstract class SPSSFactory {
     CMSDataObject dataObject,
     String trustProfileID,
     boolean pdf);
+  
+  /**
+   * Create a new <code>VerifyCMSSignatureRequest</code> object.
+   * 
+   * @param signatories The indexes of the signatories whose signature is to
+   * be verified.
+   * @param dateTime The date for which the verification is to be performed.
+   * May be <code>null</code>.
+   * @param cmsSignature The CMS signature.
+   * @param dataObject The signed data. May be <code>null</code>.
+   * @param trustProfileID The ID of the trust profile containing the trusted
+   * root certificates.
+   * @return The <code>VerifyCMSSignatureRequest</code> containing the above
+   * data.
+   * 
+   * @pre signatories != null && signatories.length > 0
+   * @pre signaturies != VerifyCMSSignatureRequest.ALL_SIGNATORIES implies
+   *        for (int i = 0;  i < signatories.length; i++)
+   *          signatories[i] >= 1
+   * @pre cmsSignature != null
+   * @pre trustProfileID != null && trustProfileID.length() > 0
+   * @post return != null
+   */
+  public abstract VerifyCMSSignatureRequest createVerifyCMSSignatureRequest(
+    int[] signatories,
+    Date dateTime,
+    InputStream cmsSignature,
+    CMSDataObject dataObject,
+    String trustProfileID,
+    boolean pdf,
+    boolean extended);
 
   /**
    * Create a new <code>CMSDataObject</code> object from data at a given URI.
@@ -583,6 +614,41 @@ public abstract class SPSSFactory {
     SignatureManifestCheckParams signatureManifestParams,
     boolean returnHashInputData,
     String trustProfileID);
+  
+  /**
+   * Create a new <code>VerifyXMLSignatureRequest</code> object.
+   * 
+   * @param dateTime The date for which the verification is to be performed.
+   * May be <code>null</code>.
+   * @param verifySignatureInfo Information about the signature environment and
+   * the location of the signature.
+   * @param supplementProfiles Supplemental information for the signature 
+   * environment. May be <code>null</code>.
+   * @param signatureManifestParams Additional information for checking the
+   * signature manifest. May be <code>null</code>.
+   * @param returnHashInputData If <code>true</code>, hash input data will
+   * be returned in the response, otherwise not.
+   * @param trustProfileID The ID of the trust profile containing the trusted
+   * root certificates.
+   * @param extendedValidation Should the valdation result in forms
+   * @return The new <code>VerifyXMLSignatureRequest</code> containing the
+   * above data.
+   * 
+   * @pre verifySignatureInfo != null
+   * @pre supplementProfiles != null implies
+   *        forall Object o in supplementProfiles | 
+   *          o instanceof at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile
+   * @pre trustProfileID != null && trustProfileID.length() > 0
+   * @post return != null
+   */
+  public abstract VerifyXMLSignatureRequest createVerifyXMLSignatureRequest(
+		    Date dateTime,
+		    VerifySignatureInfo verifySignatureInfo,
+		    List supplementProfiles,
+		    SignatureManifestCheckParams signatureManifestParams,
+		    boolean returnHashInputData,
+		    String trustProfileID,
+		    boolean extendedValidation);
 
   /**
    * Create a new <code>VerifySignatureInfo</code> object.
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SignatureCreationService.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SignatureCreationService.java
index dfdd13d..05271fb 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SignatureCreationService.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SignatureCreationService.java
@@ -59,7 +59,7 @@ public abstract class SignatureCreationService {
           (SignatureCreationService) discover.newInstance(
             SignatureCreationService.class,
             DEFAULT_IMPLEMENTATION);*/
-        return new SignatureCreationServiceImpl();
+        instance = new SignatureCreationServiceImpl();
       } catch (Exception e) {
         // this can not happen since we provide a valid default 
         // implementation
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SignatureVerificationService.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SignatureVerificationService.java
index 85e2a97..2433e20 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SignatureVerificationService.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/SignatureVerificationService.java
@@ -60,7 +60,7 @@ public abstract class SignatureVerificationService {
           (SignatureVerificationService) discover.newInstance(
             SignatureVerificationService.class,
             DEFAULT_IMPLEMENTATION);*/
-        return new SignatureVerificationServiceImpl();
+    	  instance = new SignatureVerificationServiceImpl();
       } catch (Exception e) {
         // this can not happen since we provide a valid default 
         // implementation
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureRequest.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureRequest.java
index 3adb381..6294fb1 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureRequest.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/cmsverify/VerifyCMSSignatureRequest.java
@@ -75,4 +75,5 @@ public interface VerifyCMSSignatureRequest {
   public String getTrustProfileId();
   
   public boolean isPDF();
+  public boolean isExtended();
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/CanonicalizationTransform.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/CanonicalizationTransform.java
index 988c5bc..05977c5 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/CanonicalizationTransform.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/CanonicalizationTransform.java
@@ -24,7 +24,7 @@
 
 package at.gv.egovernment.moa.spss.api.common;
 
-import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moaspss.util.Constants;
 
 /**
  * A canonicalization type of <code>Transform</code>.
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ExclusiveCanonicalizationTransform.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ExclusiveCanonicalizationTransform.java
index 5c2b633..557ff21 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ExclusiveCanonicalizationTransform.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/common/ExclusiveCanonicalizationTransform.java
@@ -26,7 +26,7 @@ package at.gv.egovernment.moa.spss.api.common;
 
 import java.util.List;
 
-import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moaspss.util.Constants;
 
 /**
  * An exclusive canonicalization type of <code>Transform</code>.
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
index 478dcb4..9719c29 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/SPSSFactoryImpl.java
@@ -21,7 +21,6 @@
  * that you distribute must include a readable copy of the "NOTICE" text file.
  */
 
-
 package at.gv.egovernment.moa.spss.api.impl;
 
 import java.io.InputStream;
@@ -85,576 +84,474 @@ import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
  */
 public class SPSSFactoryImpl extends SPSSFactory {
 
-  public CreateXMLSignatureRequest createCreateXMLSignatureRequest(
-    String keyIdentifier,
-    List singleSignatureInfos) {
-    CreateXMLSignatureRequestImpl createXMLSignatureRequest =
-      new CreateXMLSignatureRequestImpl();
-    createXMLSignatureRequest.setKeyIdentifier(keyIdentifier);
-    createXMLSignatureRequest.setSingleSignatureInfos(singleSignatureInfos);
-    return createXMLSignatureRequest;
-  }
-  
-  public CreateCMSSignatureRequest createCreateCMSSignatureRequest(
-    String keyIdentifier,
-    List singleSignatureInfos) {
-	  CreateCMSSignatureRequestImpl createCMSSignatureRequest =
-		      new CreateCMSSignatureRequestImpl();
-	  createCMSSignatureRequest.setKeyIdentifier(keyIdentifier);
-	  createCMSSignatureRequest.setSingleSignatureInfos(singleSignatureInfos);
-	  return createCMSSignatureRequest;
-	  
-  }
-  
-  public CreateCMSSignatureResponse createCreateCMSSignatureResponse(List responseElements) {
-	  CreateCMSSignatureResponseImpl createCMSSignatureResponse = new CreateCMSSignatureResponseImpl();
-	  createCMSSignatureResponse.setResponseElements(responseElements);
-	  return createCMSSignatureResponse;
-  }
-  
-  
-  public CMSSignatureResponse createCMSSignatureResponse(String base64value) {
-	  CMSSignatureResponseImpl cmsSignatureResponse = new CMSSignatureResponseImpl();
-	  cmsSignatureResponse.setCMSSignature(base64value);
-	  
-	  return cmsSignatureResponse;
-  }
-  
-
-  public SingleSignatureInfo createSingleSignatureInfo(
-    List dataObjectInfos,
-    CreateSignatureInfo createSignatureInfo,
-    boolean securityLayerConform) {
-    SingleSignatureInfoImpl singleSignatureInfo = new SingleSignatureInfoImpl();
-    singleSignatureInfo.setDataObjectInfos(dataObjectInfos);
-    singleSignatureInfo.setCreateSignatureInfo(createSignatureInfo);
-    singleSignatureInfo.setSecurityLayerConform(securityLayerConform);
-    return singleSignatureInfo;
-  }
-  
-  public at.gv.egovernment.moa.spss.api.cmssign.SingleSignatureInfo createSingleSignatureInfoCMS(
-		  at.gv.egovernment.moa.spss.api.cmssign.DataObjectInfo dataObjectInfo,		    
-		    boolean securityLayerConform) {
-		    SingleSignatureInfoCMSImpl singleSignatureInfo = new SingleSignatureInfoCMSImpl();
-		    singleSignatureInfo.setDataObjectInfo(dataObjectInfo);
-		    singleSignatureInfo.setSecurityLayerConform(securityLayerConform);
-		    return singleSignatureInfo;
-		  }
-  
-  public DataObjectInfo createDataObjectInfo(
-    String structure,
-    boolean childOfManifest,
-    Content dataObject,
-    CreateTransformsInfoProfile createTransformsInfoProfile) {
-    DataObjectInfoImpl dataObjectInfo = new DataObjectInfoImpl();
-    dataObjectInfo.setStructure(structure);
-    dataObjectInfo.setChildOfManifest(childOfManifest);
-    dataObjectInfo.setDataObject(dataObject);
-    dataObjectInfo.setCreateTransformsInfoProfile(createTransformsInfoProfile);
-    return dataObjectInfo;
-  }
-  
-  public at.gv.egovernment.moa.spss.api.cmssign.DataObjectInfo createDataObjectInfo(
-		    String structure,
-		    CMSDataObject dataObject) {
-		    DataObjectInfoCMSImpl dataObjectInfo = new DataObjectInfoCMSImpl();
-		    dataObjectInfo.setStructure(structure);
-		    dataObjectInfo.setDataObject(dataObject);
-		    return dataObjectInfo;
-		  }
-
-  public CreateTransformsInfoProfile createCreateTransformsInfoProfile(String profileID) {
-
-    CreateTransformsInfoProfileIDImpl createTransformsInfoProfile =
-      new CreateTransformsInfoProfileIDImpl();
-    createTransformsInfoProfile.setCreateTransformsInfoProfileID(profileID);
-    return createTransformsInfoProfile;
-  }
-
-  public CreateTransformsInfoProfile createCreateTransformsInfoProfile(
-    CreateTransformsInfo transformsInfo,
-    List supplements) {
-    CreateTransformsInfoProfileExplicitImpl createTransformsInfoProfile =
-      new CreateTransformsInfoProfileExplicitImpl();
-    createTransformsInfoProfile.setCreateTransformsInfo(transformsInfo);
-    createTransformsInfoProfile.setSupplements(supplements);
-    return createTransformsInfoProfile;
-  }
-
-  public CreateTransformsInfo createCreateTransformsInfo(
-    List transforms,
-    MetaInfo finalDataMetaInfo) {
-    CreateTransformsInfoImpl createTransformsInfo =
-      new CreateTransformsInfoImpl();
-      
-    createTransformsInfo.setTransforms(transforms);
-    createTransformsInfo.setFinalDataMetaInfo(finalDataMetaInfo);
-    return createTransformsInfo;
-  }
-
-  public CreateSignatureInfo createCreateSignatureInfo(
-    Content createSignatureEnvironment,
-    CreateSignatureEnvironmentProfile createSignatureEnvironmentProfile) {
-    CreateSignatureInfoImpl createSignatureInfo = new CreateSignatureInfoImpl();
-    createSignatureInfo.setCreateSignatureEnvironment(
-      createSignatureEnvironment);
-    createSignatureInfo.setCreateSignatureEnvironmentProfile(
-      createSignatureEnvironmentProfile);
-    return createSignatureInfo;
-  }
-
-  public CreateSignatureEnvironmentProfile createCreateSignatureEnvironmentProfile(
-    CreateSignatureLocation createSignatureLocation,
-    List supplements) {
-    CreateSignatureEnvironmentProfileExplicitImpl createSignatureEnvironmentProfile =
-      new CreateSignatureEnvironmentProfileExplicitImpl();
-    createSignatureEnvironmentProfile.setCreateSignatureLocation(
-      createSignatureLocation);
-    createSignatureEnvironmentProfile.setSupplements(supplements);
-    return createSignatureEnvironmentProfile;
-  }
-
-  public CreateSignatureLocation createCreateSignatureLocation(
-    String signatureLocationXPath,
-    int signatureLocationIndex,
-    Map namespaceDeclarations) {
-    CreateSignatureLocationImpl createSignatureLocation =
-      new CreateSignatureLocationImpl();
-    createSignatureLocation.setIndex(signatureLocationIndex);
-    createSignatureLocation.setNamespaceDeclarations(namespaceDeclarations);
-    createSignatureLocation.setXPathExpression(signatureLocationXPath);
-    return createSignatureLocation;
-  }
-
-  public CreateSignatureEnvironmentProfile createCreateSignatureEnvironmentProfile(String profileID) {
-    CreateSignatureEnvironmentProfileIDImpl createSignatureEnvironmentProfile =
-      new CreateSignatureEnvironmentProfileIDImpl();
-    createSignatureEnvironmentProfile.setCreateSignatureEnvironmentProfileID(
-      profileID);
-    return createSignatureEnvironmentProfile;
-  }
-
-  public CreateXMLSignatureResponse createCreateXMLSignatureResponse(List responseElements) {
-    CreateXMLSignatureResponseImpl createXMLSignatureResponse =
-      new CreateXMLSignatureResponseImpl();
-    createXMLSignatureResponse.setResponseElements(responseElements);
-    return createXMLSignatureResponse;
-  }
-
-  public SignatureEnvironmentResponse createSignatureEnvironmentResponse(Element signatureEnvironment) {
-    SignatureEnvironmentResponseImpl signatureEnvironmentResponse =
-      new SignatureEnvironmentResponseImpl();
-    signatureEnvironmentResponse.setSignatureEnvironment(signatureEnvironment);
-    return signatureEnvironmentResponse;
-  }
-
-  public ErrorResponse createErrorResponse(int code, String info) {
-    ErrorResponseImpl errorResponse = new ErrorResponseImpl();
-    errorResponse.setErrorCode(code);
-    errorResponse.setInfo(info);
-    return errorResponse;
-  }
-
-  public VerifyCMSSignatureRequest createVerifyCMSSignatureRequest(
-    int[] signatories,
-    Date dateTime,
-    InputStream cmsSignature,
-    CMSDataObject dataObject,
-    String trustProfileID,
-    boolean pdf) {
-    VerifyCMSSignatureRequestImpl verifyCMSSignatureRequest =
-      new VerifyCMSSignatureRequestImpl();
-    verifyCMSSignatureRequest.setDateTime(dateTime);
-    verifyCMSSignatureRequest.setCMSSignature(cmsSignature);
-    verifyCMSSignatureRequest.setDataObject(dataObject);
-    verifyCMSSignatureRequest.setTrustProfileId(trustProfileID);
-    verifyCMSSignatureRequest.setSignatories(signatories);
-    verifyCMSSignatureRequest.setPDF(pdf);
-    return verifyCMSSignatureRequest;
-  }
-
-  public CMSDataObject createCMSDataObject(
-    MetaInfo metaInfo,
-    CMSContent content,
-    BigDecimal excludeByteRangeFrom,
-    BigDecimal excludeByteRangeTo) {
-      
-    CMSDataObjectImpl cmsDataObject = new CMSDataObjectImpl();
-    cmsDataObject.setMetaInfo(metaInfo);
-    cmsDataObject.setContent(content);
-    cmsDataObject.setExcludeByteRangeFrom(excludeByteRangeFrom);
-    cmsDataObject.setExcludeByteRangeTo(excludeByteRangeTo);
-    
-    return cmsDataObject;
-  }
-  
-  public CMSContent createCMSContent(InputStream binaryContent) {
-    CMSContentExplicitImpl cmsContent = new CMSContentExplicitImpl();
-    
-    cmsContent.setBinaryContent(binaryContent);
-    return cmsContent;
-  }
-
-  public CMSContent createCMSContent(String referenceURI) {
-    CMSContentReferenceImpl cmsContent = new CMSContentReferenceImpl();
-    
-    cmsContent.setReference(referenceURI);
-    return cmsContent;
-  }  
-  
-
-  public CMSDataObject createCMSDataObject(
-    MetaInfo metaInfo,
-    String referenceURI) {
-    CMSDataObjectImpl cmsDataObject = new CMSDataObjectImpl();
-    CMSContentReferenceImpl cmsContent = new CMSContentReferenceImpl();
-    cmsDataObject.setMetaInfo(metaInfo);
-    cmsContent.setReference(referenceURI);
-    return cmsDataObject;
-  }
-
-  public VerifyCMSSignatureResponse createVerifyCMSSignatureResponse(List responseElements) {
-    VerifyCMSSinatureResponseImpl verifyCMSSignatureResponse =
-      new VerifyCMSSinatureResponseImpl();
-    verifyCMSSignatureResponse.setResponseElements(responseElements);
-    return verifyCMSSignatureResponse;
-  }
-
-  public VerifyCMSSignatureResponseElement createVerifyCMSSignatureResponseElement(
-    SignerInfo signerInfo,
-    CheckResult signatureCheck,
-    CheckResult certificateCheck, 
-    List adesResult) {
-    VerifyCMSSignatureResponseElementImpl verifyCMSSignatureResponseElement =
-      new VerifyCMSSignatureResponseElementImpl();
-    verifyCMSSignatureResponseElement.setSignerInfo(signerInfo);
-    verifyCMSSignatureResponseElement.setSignatureCheck(signatureCheck);
-    verifyCMSSignatureResponseElement.setCertificateCheck(certificateCheck);
-    verifyCMSSignatureResponseElement.setAdESFormResults(adesResult);
-    return verifyCMSSignatureResponseElement;
-  }
-
-  public VerifyXMLSignatureRequest createVerifyXMLSignatureRequest(
-    Date dateTime,
-    VerifySignatureInfo verifySignatureInfo,
-    List supplementProfiles,
-    SignatureManifestCheckParams signatureManifestParams,
-    boolean returnHashInputData,
-    String trustProfileID) {
-    VerifyXMLSignatureRequestImpl verifyXMLSignatureRequest =
-      new VerifyXMLSignatureRequestImpl();
-    verifyXMLSignatureRequest.setDateTime(dateTime);
-    verifyXMLSignatureRequest.setSignatureInfo(verifySignatureInfo);
-    verifyXMLSignatureRequest.setSupplementProfiles(supplementProfiles);
-    verifyXMLSignatureRequest.setSignatureManifestCheckParams(
-      signatureManifestParams);
-    verifyXMLSignatureRequest.setReturnHashInputData(returnHashInputData);
-    verifyXMLSignatureRequest.setTrustProfileId(trustProfileID);
-    return verifyXMLSignatureRequest;
-  }
-
-  public VerifySignatureInfo createVerifySignatureInfo(
-    Content verifySignatureEnvironment,
-    VerifySignatureLocation verifySignatureLocation) {
-    VerifySignatureInfoImpl verifySignatureInfo = new VerifySignatureInfoImpl();
-    verifySignatureInfo.setVerifySignatureEnvironment(
-      verifySignatureEnvironment);
-    verifySignatureInfo.setVerifySignatureLocation(verifySignatureLocation);
-    return verifySignatureInfo;
-  }
-
-  public VerifySignatureLocation createVerifySignatureLocation(
-    String xPathExpression,
-    Map namespaceDeclarations) {
-    VerifySignatureLocationImpl verifySignatureLocation =
-      new VerifySignatureLocationImpl();
-    verifySignatureLocation.setXPathExpression(xPathExpression);
-    verifySignatureLocation.setNamespaceDeclarations(namespaceDeclarations);
-    return verifySignatureLocation;
-  }
-
-  public SupplementProfile createSupplementProfile(String profileID) {
-    SupplementProfileIDImpl supplementProfileID = new SupplementProfileIDImpl();
-    supplementProfileID.setSupplementProfileID(profileID);
-    return supplementProfileID;
-  }
-
-  public SupplementProfile createSupplementProfile(XMLDataObjectAssociation supplementProfile) {
-    SupplementProfileExplicitImpl supplementProfileExplicit =
-      new SupplementProfileExplicitImpl();
-    supplementProfileExplicit.setSupplementProfile(supplementProfile);
-    return supplementProfileExplicit;
-  }
-
-  public SignatureManifestCheckParams createSignatureManifestCheckParams(
-    List referenceInfos,
-    boolean returnReferenceInputData) {
-    SignatureManifestCheckParamsImpl signatureManifestCheckParams =
-      new SignatureManifestCheckParamsImpl();
-    signatureManifestCheckParams.setReferenceInfos(referenceInfos);
-    signatureManifestCheckParams.setReturnReferenceInputData(
-      returnReferenceInputData);
-    return signatureManifestCheckParams;
-  }
-
-  public ReferenceInfo createReferenceInfo(List verifyTransformsInfoProfiles) {
-    ReferenceInfoImpl referenceInfo = new ReferenceInfoImpl();
-    referenceInfo.setVerifyTransformsInfoProfiles(verifyTransformsInfoProfiles);
-    return referenceInfo;
-  }
-
-  public VerifyTransformsInfoProfile createVerifyTransformsInfoProfile(
-    List transforms,
-    List transformParameters) {
-    VerifyTransformsInfoProfileExplicitImpl verifyTransformsInfoProfile =
-      new VerifyTransformsInfoProfileExplicitImpl();
-    
-    verifyTransformsInfoProfile.setTransforms(transforms);
-    verifyTransformsInfoProfile.setTransformParameters(transformParameters);
-    
-    return verifyTransformsInfoProfile;
-  }
-
-  public VerifyTransformsInfoProfile createVerifyTransformsInfoProfile(String profileID) {
-    VerifyTransformsInfoProfileIDImpl verifyTransformsInfoProfile =
-      new VerifyTransformsInfoProfileIDImpl();
-    verifyTransformsInfoProfile.setVerifyTransformsInfoProfileID(profileID);
-    return verifyTransformsInfoProfile;
-  }
-
-
-  public TransformParameter createTransformParameter(String URI, String digestMethod, byte[] digestValue) {
-    TransformPatameterHashImpl transformParameter =
-      new TransformPatameterHashImpl();
-    transformParameter.setURI(URI);
-    transformParameter.setDigestMethod(digestMethod);
-    transformParameter.setDigestValue(digestValue);
-    return transformParameter;
-  }
-
-  public TransformParameter createTransformParameter(
-    String URI,
-    InputStream binaryData) {
-    TransformParameterBinaryImpl transformParameter =
-      new TransformParameterBinaryImpl();
-    transformParameter.setURI(URI);
-    transformParameter.setBinaryContent(binaryData);
-    return transformParameter;
-  }
-
-  public TransformParameter createTransformParameter(String URI) {
-    TransformParameterURIImpl transformParameter =
-      new TransformParameterURIImpl();
-    transformParameter.setURI(URI);
-    return transformParameter;
-  }
-
-  public VerifyXMLSignatureResponse createVerifyXMLSignatureResponse(
-    SignerInfo signerInfo,
-    List hashInputDatas,
-    List referenceInputDatas,
-    ReferencesCheckResult signatureCheck,
-    ReferencesCheckResult signatureManifestCheck,
-    List xmlDsigManifestChecks,
-    CheckResult certificateCheck,
-    List adesFormResults) {
-    VerifyXMLSignatureResponseImpl verifyXMLSignatureResponse =
-      new VerifyXMLSignatureResponseImpl();
-    verifyXMLSignatureResponse.setSignerInfo(signerInfo);
-    verifyXMLSignatureResponse.setHashInputDatas(hashInputDatas);
-    verifyXMLSignatureResponse.setReferenceInputDatas(referenceInputDatas);
-    verifyXMLSignatureResponse.setSignatureCheck(signatureCheck);
-    verifyXMLSignatureResponse.setSignatureManifestCheck(
-      signatureManifestCheck);
-    verifyXMLSignatureResponse.setXMLDsigManifestChecks(xmlDsigManifestChecks);
-    verifyXMLSignatureResponse.setCertificateCheck(certificateCheck);
-    verifyXMLSignatureResponse.setAdESFormResults(adesFormResults);
-    return verifyXMLSignatureResponse;
-  }
-
-  public ReferencesCheckResult createReferencesCheckResult(
-    int code,
-    ReferencesCheckResultInfo info) {
-    ReferencesCheckResultImpl referencesCheckResult =
-      new ReferencesCheckResultImpl();
-    referencesCheckResult.setCode(code);
-    referencesCheckResult.setInfo(info);
-    return referencesCheckResult;
-  }
-
-  public ReferencesCheckResultInfo createReferencesCheckResultInfo(
-    NodeList anyOtherInfo,
-    int[] failedReferences) {
-    ReferencesCheckResultInfoImpl referencesCheckResultInfo =
-      new ReferencesCheckResultInfoImpl();
-    referencesCheckResultInfo.setAnyOtherInfo(anyOtherInfo);
-    referencesCheckResultInfo.setFailedReferences(failedReferences);
-    return referencesCheckResultInfo;
-  }
-
-  public ManifestRefsCheckResult createManifestRefsCheckResult(
-    int code,
-    ManifestRefsCheckResultInfo info) {
-    ManifestRefsCheckResultImpl manifestRefsCheckResult =
-      new ManifestRefsCheckResultImpl();
-    manifestRefsCheckResult.setCode(code);
-    manifestRefsCheckResult.setInfo(info);
-    return manifestRefsCheckResult;
-  }
-  
-  public ManifestRefsCheckResultInfo createManifestRefsCheckResultInfo(
-    NodeList anyOtherInfo,
-    int[] failedReferences,
-    int referringSigReference) {
-    ManifestRefsCheckResultInfoImpl manifestRefsCheckResultInfo =
-      new ManifestRefsCheckResultInfoImpl();
-    manifestRefsCheckResultInfo.setAnyOtherInfo(anyOtherInfo);
-    manifestRefsCheckResultInfo.setReferringSignatureReference(
-      referringSigReference);
-    manifestRefsCheckResultInfo.setFailedReferences(failedReferences);
-    return manifestRefsCheckResultInfo;
-  }
-
-  public Content createContent(InputStream binaryData, String referenceURI) {
-    ContentBinaryImpl content = new ContentBinaryImpl();
-    content.setBinaryContent(binaryData);
-    content.setReference(referenceURI);
-    return content;
-  }
-
-  public Content createContent(String locationReferenceURI, String referenceURI) {
-    ContentLocRefImpl content = new ContentLocRefImpl();
-    content.setLocationReferenceURI(locationReferenceURI);
-    content.setReference(referenceURI);
-    return content;
-  }
-
-  public Content createContent(String referenceURI) {
-    ContentReferenceImpl content = new ContentReferenceImpl();
-    content.setReference(referenceURI);
-    return content;
-  }
-
-  public Content createContent(NodeList xmlData, String referenceURI) {
-    ContentXMLImpl content = new ContentXMLImpl();
-    content.setXMLContent(xmlData);
-    content.setReference(referenceURI);
-    return content;
-  }
-  
-  public XMLDataObjectAssociation createXMLDataObjectAssociation(
-    MetaInfo metaInfo,
-    Content xmlContent) {
-    XMLDataObjectAssociationImpl xmlDataObjectAssociation =
-      new XMLDataObjectAssociationImpl();
-    xmlDataObjectAssociation.setMetaInfo(metaInfo);
-    xmlDataObjectAssociation.setContent(xmlContent);
-    return xmlDataObjectAssociation;
-  }
-
-  public MetaInfo createMetaInfo(
-    String mimeType,
-    String description,
-    NodeList otherInfo,
-    String type) {
-    MetaInfoImpl metaInfo = new MetaInfoImpl();
-    metaInfo.setMimeType(mimeType);
-    metaInfo.setDescription(description);
-    metaInfo.setAnyElements(otherInfo);
-    metaInfo.setType(type);
-    return metaInfo;
-  }
-
-  public Transform createCanonicalizationTransform(String algorithmURI) {
-    CanonicalizationTransformImpl transform = new CanonicalizationTransformImpl(algorithmURI);
-    return transform;
-  }
-  
-  public Transform createExclusiveCanonicalizationTransform(String algorithmURI, List inclusiveNamespacePrefixes) {
-    ExclusiveCanonicalizationTransformImpl transform = new ExclusiveCanonicalizationTransformImpl(algorithmURI);
-    transform.setInclusiveNamespacePrefixes(inclusiveNamespacePrefixes);
-    return transform;
-  }
-  
-  public Transform createBase64Transform() {
-    Base64TransformImpl transform = new Base64TransformImpl();
-    return transform;
-  }
-
-  public Transform createEnvelopedSignatureTransform() {
-    EnvelopedSignatureTransformImpl transform =
-      new EnvelopedSignatureTransformImpl();
-    return transform;
-  }
-
-  public Transform createXSLTTransform(Element styleSheet) {
-    XSLTransformImpl transform = new XSLTransformImpl();
-    transform.setStylesheet(styleSheet);
-    return transform;
-  }
-
-  public Transform createXPathTransform(
-    String xPathExpression,
-    Map namespaceDeclarations) {
-    XPathTransformImpl transform = new XPathTransformImpl();
-    transform.setXPathExpression(xPathExpression);
-    transform.setNamespaceDelcarations(namespaceDeclarations);
-    return transform;
-  }
-
-  public Transform createXPathFilter2Transform(List xPathFilters) {
-    XPathFilter2TransformImpl transform = new XPathFilter2TransformImpl();
-    transform.setFilters(xPathFilters);
-    return transform;
-  }
-
-  public XPathFilter createXPathFilter(
-    String filterType,
-    String xPathExpression,
-    Map namespaceDeclarations) {
-    XPathFilterImpl xPathFilter = new XPathFilterImpl();
-    xPathFilter.setFilterType(filterType);
-    xPathFilter.setXPathExpression(xPathExpression);
-    xPathFilter.setNamespaceDelcarations(namespaceDeclarations);
-    return xPathFilter;
-  }
-
-  public CheckResult createCheckResult(int code, NodeList info) {
-    CheckResultImpl checkResult = new CheckResultImpl();
-    checkResult.setCode(code);
-    checkResult.setInfo(info);
-    return checkResult;
-  }
-  
-
-  public SignerInfo createSignerInfo(
-    X509Certificate signerCertificate,
-    boolean qualifiedCertificate,
-    boolean qcSourceTSL,
-    boolean publicAuthority,
-    String publicAuthorityID, 
-    boolean sscd,
-    boolean sscdSourceTSL,
-    String issuerCountryCode) {
-    SignerInfoImpl signerInfo = new SignerInfoImpl();
-    signerInfo.setSignerCertificate(signerCertificate);
-    signerInfo.setQualifiedCertificate(qualifiedCertificate);
-    signerInfo.setQCSourceTSL(qcSourceTSL);
-    signerInfo.setPublicAuthority(publicAuthority);
-    signerInfo.setPublicAuhtorityID(publicAuthorityID);
-    signerInfo.setSSCD(sscd);
-    signerInfo.setSSCDSourceTSL(sscdSourceTSL);
-    signerInfo.setIssuerCountryCode(issuerCountryCode);
-    return signerInfo;
-  }
-
-  public X509IssuerSerial createX509IssuerSerial(
-    String issuerName,
-    BigInteger serialNumber) {
-    X509IssuerSerialImpl x509IssuerSerial = new X509IssuerSerialImpl();
-    x509IssuerSerial.setX509IssuerName(issuerName);
-    x509IssuerSerial.setX509SerialNumber(serialNumber);
-    return x509IssuerSerial;
-  }
+	public CreateXMLSignatureRequest createCreateXMLSignatureRequest(String keyIdentifier, List singleSignatureInfos) {
+		CreateXMLSignatureRequestImpl createXMLSignatureRequest = new CreateXMLSignatureRequestImpl();
+		createXMLSignatureRequest.setKeyIdentifier(keyIdentifier);
+		createXMLSignatureRequest.setSingleSignatureInfos(singleSignatureInfos);
+		return createXMLSignatureRequest;
+	}
+
+	public CreateCMSSignatureRequest createCreateCMSSignatureRequest(String keyIdentifier, List singleSignatureInfos) {
+		CreateCMSSignatureRequestImpl createCMSSignatureRequest = new CreateCMSSignatureRequestImpl();
+		createCMSSignatureRequest.setKeyIdentifier(keyIdentifier);
+		createCMSSignatureRequest.setSingleSignatureInfos(singleSignatureInfos);
+		return createCMSSignatureRequest;
+
+	}
+
+	public CreateCMSSignatureResponse createCreateCMSSignatureResponse(List responseElements) {
+		CreateCMSSignatureResponseImpl createCMSSignatureResponse = new CreateCMSSignatureResponseImpl();
+		createCMSSignatureResponse.setResponseElements(responseElements);
+		return createCMSSignatureResponse;
+	}
+
+	public CMSSignatureResponse createCMSSignatureResponse(String base64value) {
+		CMSSignatureResponseImpl cmsSignatureResponse = new CMSSignatureResponseImpl();
+		cmsSignatureResponse.setCMSSignature(base64value);
+
+		return cmsSignatureResponse;
+	}
+
+	public SingleSignatureInfo createSingleSignatureInfo(List dataObjectInfos, CreateSignatureInfo createSignatureInfo,
+			boolean securityLayerConform) {
+		SingleSignatureInfoImpl singleSignatureInfo = new SingleSignatureInfoImpl();
+		singleSignatureInfo.setDataObjectInfos(dataObjectInfos);
+		singleSignatureInfo.setCreateSignatureInfo(createSignatureInfo);
+		singleSignatureInfo.setSecurityLayerConform(securityLayerConform);
+		return singleSignatureInfo;
+	}
+
+	public at.gv.egovernment.moa.spss.api.cmssign.SingleSignatureInfo createSingleSignatureInfoCMS(
+			at.gv.egovernment.moa.spss.api.cmssign.DataObjectInfo dataObjectInfo, boolean securityLayerConform) {
+		SingleSignatureInfoCMSImpl singleSignatureInfo = new SingleSignatureInfoCMSImpl();
+		singleSignatureInfo.setDataObjectInfo(dataObjectInfo);
+		singleSignatureInfo.setSecurityLayerConform(securityLayerConform);
+		return singleSignatureInfo;
+	}
+
+	public DataObjectInfo createDataObjectInfo(String structure, boolean childOfManifest, Content dataObject,
+			CreateTransformsInfoProfile createTransformsInfoProfile) {
+		DataObjectInfoImpl dataObjectInfo = new DataObjectInfoImpl();
+		dataObjectInfo.setStructure(structure);
+		dataObjectInfo.setChildOfManifest(childOfManifest);
+		dataObjectInfo.setDataObject(dataObject);
+		dataObjectInfo.setCreateTransformsInfoProfile(createTransformsInfoProfile);
+		return dataObjectInfo;
+	}
+
+	public at.gv.egovernment.moa.spss.api.cmssign.DataObjectInfo createDataObjectInfo(String structure,
+			CMSDataObject dataObject) {
+		DataObjectInfoCMSImpl dataObjectInfo = new DataObjectInfoCMSImpl();
+		dataObjectInfo.setStructure(structure);
+		dataObjectInfo.setDataObject(dataObject);
+		return dataObjectInfo;
+	}
+
+	public CreateTransformsInfoProfile createCreateTransformsInfoProfile(String profileID) {
+
+		CreateTransformsInfoProfileIDImpl createTransformsInfoProfile = new CreateTransformsInfoProfileIDImpl();
+		createTransformsInfoProfile.setCreateTransformsInfoProfileID(profileID);
+		return createTransformsInfoProfile;
+	}
+
+	public CreateTransformsInfoProfile createCreateTransformsInfoProfile(CreateTransformsInfo transformsInfo,
+			List supplements) {
+		CreateTransformsInfoProfileExplicitImpl createTransformsInfoProfile = new CreateTransformsInfoProfileExplicitImpl();
+		createTransformsInfoProfile.setCreateTransformsInfo(transformsInfo);
+		createTransformsInfoProfile.setSupplements(supplements);
+		return createTransformsInfoProfile;
+	}
+
+	public CreateTransformsInfo createCreateTransformsInfo(List transforms, MetaInfo finalDataMetaInfo) {
+		CreateTransformsInfoImpl createTransformsInfo = new CreateTransformsInfoImpl();
+
+		createTransformsInfo.setTransforms(transforms);
+		createTransformsInfo.setFinalDataMetaInfo(finalDataMetaInfo);
+		return createTransformsInfo;
+	}
+
+	public CreateSignatureInfo createCreateSignatureInfo(Content createSignatureEnvironment,
+			CreateSignatureEnvironmentProfile createSignatureEnvironmentProfile) {
+		CreateSignatureInfoImpl createSignatureInfo = new CreateSignatureInfoImpl();
+		createSignatureInfo.setCreateSignatureEnvironment(createSignatureEnvironment);
+		createSignatureInfo.setCreateSignatureEnvironmentProfile(createSignatureEnvironmentProfile);
+		return createSignatureInfo;
+	}
+
+	public CreateSignatureEnvironmentProfile createCreateSignatureEnvironmentProfile(
+			CreateSignatureLocation createSignatureLocation, List supplements) {
+		CreateSignatureEnvironmentProfileExplicitImpl createSignatureEnvironmentProfile = new CreateSignatureEnvironmentProfileExplicitImpl();
+		createSignatureEnvironmentProfile.setCreateSignatureLocation(createSignatureLocation);
+		createSignatureEnvironmentProfile.setSupplements(supplements);
+		return createSignatureEnvironmentProfile;
+	}
+
+	public CreateSignatureLocation createCreateSignatureLocation(String signatureLocationXPath,
+			int signatureLocationIndex, Map namespaceDeclarations) {
+		CreateSignatureLocationImpl createSignatureLocation = new CreateSignatureLocationImpl();
+		createSignatureLocation.setIndex(signatureLocationIndex);
+		createSignatureLocation.setNamespaceDeclarations(namespaceDeclarations);
+		createSignatureLocation.setXPathExpression(signatureLocationXPath);
+		return createSignatureLocation;
+	}
+
+	public CreateSignatureEnvironmentProfile createCreateSignatureEnvironmentProfile(String profileID) {
+		CreateSignatureEnvironmentProfileIDImpl createSignatureEnvironmentProfile = new CreateSignatureEnvironmentProfileIDImpl();
+		createSignatureEnvironmentProfile.setCreateSignatureEnvironmentProfileID(profileID);
+		return createSignatureEnvironmentProfile;
+	}
+
+	public CreateXMLSignatureResponse createCreateXMLSignatureResponse(List responseElements) {
+		CreateXMLSignatureResponseImpl createXMLSignatureResponse = new CreateXMLSignatureResponseImpl();
+		createXMLSignatureResponse.setResponseElements(responseElements);
+		return createXMLSignatureResponse;
+	}
+
+	public SignatureEnvironmentResponse createSignatureEnvironmentResponse(Element signatureEnvironment) {
+		SignatureEnvironmentResponseImpl signatureEnvironmentResponse = new SignatureEnvironmentResponseImpl();
+		signatureEnvironmentResponse.setSignatureEnvironment(signatureEnvironment);
+		return signatureEnvironmentResponse;
+	}
+
+	public ErrorResponse createErrorResponse(int code, String info) {
+		ErrorResponseImpl errorResponse = new ErrorResponseImpl();
+		errorResponse.setErrorCode(code);
+		errorResponse.setInfo(info);
+		return errorResponse;
+	}
+
+	public VerifyCMSSignatureRequest createVerifyCMSSignatureRequest(int[] signatories, Date dateTime,
+			InputStream cmsSignature, CMSDataObject dataObject, String trustProfileID, boolean pdf) {
+		return this.createVerifyCMSSignatureRequest(signatories, dateTime, cmsSignature, dataObject, trustProfileID, pdf, false);
+	}
+
+	public VerifyCMSSignatureRequest createVerifyCMSSignatureRequest(int[] signatories, Date dateTime,
+			InputStream cmsSignature, CMSDataObject dataObject, String trustProfileID, boolean pdf, boolean extended) {
+		VerifyCMSSignatureRequestImpl verifyCMSSignatureRequest = new VerifyCMSSignatureRequestImpl();
+		verifyCMSSignatureRequest.setDateTime(dateTime);
+		verifyCMSSignatureRequest.setCMSSignature(cmsSignature);
+		verifyCMSSignatureRequest.setDataObject(dataObject);
+		verifyCMSSignatureRequest.setTrustProfileId(trustProfileID);
+		verifyCMSSignatureRequest.setSignatories(signatories);
+		verifyCMSSignatureRequest.setPDF(pdf);
+		verifyCMSSignatureRequest.setExtended(extended);
+		return verifyCMSSignatureRequest;
+	}
+	
+	public CMSDataObject createCMSDataObject(MetaInfo metaInfo, CMSContent content, BigDecimal excludeByteRangeFrom,
+			BigDecimal excludeByteRangeTo) {
+
+		CMSDataObjectImpl cmsDataObject = new CMSDataObjectImpl();
+		cmsDataObject.setMetaInfo(metaInfo);
+		cmsDataObject.setContent(content);
+		cmsDataObject.setExcludeByteRangeFrom(excludeByteRangeFrom);
+		cmsDataObject.setExcludeByteRangeTo(excludeByteRangeTo);
+
+		return cmsDataObject;
+	}
+
+	public CMSContent createCMSContent(InputStream binaryContent) {
+		CMSContentExplicitImpl cmsContent = new CMSContentExplicitImpl();
+
+		cmsContent.setBinaryContent(binaryContent);
+		return cmsContent;
+	}
+
+	public CMSContent createCMSContent(String referenceURI) {
+		CMSContentReferenceImpl cmsContent = new CMSContentReferenceImpl();
+
+		cmsContent.setReference(referenceURI);
+		return cmsContent;
+	}
+
+	public CMSDataObject createCMSDataObject(MetaInfo metaInfo, String referenceURI) {
+		CMSDataObjectImpl cmsDataObject = new CMSDataObjectImpl();
+		CMSContentReferenceImpl cmsContent = new CMSContentReferenceImpl();
+		cmsDataObject.setMetaInfo(metaInfo);
+		cmsContent.setReference(referenceURI);
+		return cmsDataObject;
+	}
+
+	public VerifyCMSSignatureResponse createVerifyCMSSignatureResponse(List responseElements) {
+		VerifyCMSSinatureResponseImpl verifyCMSSignatureResponse = new VerifyCMSSinatureResponseImpl();
+		verifyCMSSignatureResponse.setResponseElements(responseElements);
+		return verifyCMSSignatureResponse;
+	}
+
+	public VerifyCMSSignatureResponseElement createVerifyCMSSignatureResponseElement(SignerInfo signerInfo,
+			CheckResult signatureCheck, CheckResult certificateCheck, List adesResult) {
+		VerifyCMSSignatureResponseElementImpl verifyCMSSignatureResponseElement = new VerifyCMSSignatureResponseElementImpl();
+		verifyCMSSignatureResponseElement.setSignerInfo(signerInfo);
+		verifyCMSSignatureResponseElement.setSignatureCheck(signatureCheck);
+		verifyCMSSignatureResponseElement.setCertificateCheck(certificateCheck);
+		verifyCMSSignatureResponseElement.setAdESFormResults(adesResult);
+		return verifyCMSSignatureResponseElement;
+	}
+
+	public VerifyXMLSignatureRequest createVerifyXMLSignatureRequest(Date dateTime,
+			VerifySignatureInfo verifySignatureInfo, List supplementProfiles,
+			SignatureManifestCheckParams signatureManifestParams, boolean returnHashInputData, String trustProfileID) {
+		return this.createVerifyXMLSignatureRequest(dateTime, verifySignatureInfo, supplementProfiles,
+				signatureManifestParams, returnHashInputData, trustProfileID, false);
+	}
+
+	public VerifySignatureInfo createVerifySignatureInfo(Content verifySignatureEnvironment,
+			VerifySignatureLocation verifySignatureLocation) {
+		VerifySignatureInfoImpl verifySignatureInfo = new VerifySignatureInfoImpl();
+		verifySignatureInfo.setVerifySignatureEnvironment(verifySignatureEnvironment);
+		verifySignatureInfo.setVerifySignatureLocation(verifySignatureLocation);
+		return verifySignatureInfo;
+	}
+
+	public VerifySignatureLocation createVerifySignatureLocation(String xPathExpression, Map namespaceDeclarations) {
+		VerifySignatureLocationImpl verifySignatureLocation = new VerifySignatureLocationImpl();
+		verifySignatureLocation.setXPathExpression(xPathExpression);
+		verifySignatureLocation.setNamespaceDeclarations(namespaceDeclarations);
+		return verifySignatureLocation;
+	}
+
+	public SupplementProfile createSupplementProfile(String profileID) {
+		SupplementProfileIDImpl supplementProfileID = new SupplementProfileIDImpl();
+		supplementProfileID.setSupplementProfileID(profileID);
+		return supplementProfileID;
+	}
+
+	public SupplementProfile createSupplementProfile(XMLDataObjectAssociation supplementProfile) {
+		SupplementProfileExplicitImpl supplementProfileExplicit = new SupplementProfileExplicitImpl();
+		supplementProfileExplicit.setSupplementProfile(supplementProfile);
+		return supplementProfileExplicit;
+	}
+
+	public SignatureManifestCheckParams createSignatureManifestCheckParams(List referenceInfos,
+			boolean returnReferenceInputData) {
+		SignatureManifestCheckParamsImpl signatureManifestCheckParams = new SignatureManifestCheckParamsImpl();
+		signatureManifestCheckParams.setReferenceInfos(referenceInfos);
+		signatureManifestCheckParams.setReturnReferenceInputData(returnReferenceInputData);
+		return signatureManifestCheckParams;
+	}
+
+	public ReferenceInfo createReferenceInfo(List verifyTransformsInfoProfiles) {
+		ReferenceInfoImpl referenceInfo = new ReferenceInfoImpl();
+		referenceInfo.setVerifyTransformsInfoProfiles(verifyTransformsInfoProfiles);
+		return referenceInfo;
+	}
+
+	public VerifyTransformsInfoProfile createVerifyTransformsInfoProfile(List transforms, List transformParameters) {
+		VerifyTransformsInfoProfileExplicitImpl verifyTransformsInfoProfile = new VerifyTransformsInfoProfileExplicitImpl();
+
+		verifyTransformsInfoProfile.setTransforms(transforms);
+		verifyTransformsInfoProfile.setTransformParameters(transformParameters);
+
+		return verifyTransformsInfoProfile;
+	}
+
+	public VerifyTransformsInfoProfile createVerifyTransformsInfoProfile(String profileID) {
+		VerifyTransformsInfoProfileIDImpl verifyTransformsInfoProfile = new VerifyTransformsInfoProfileIDImpl();
+		verifyTransformsInfoProfile.setVerifyTransformsInfoProfileID(profileID);
+		return verifyTransformsInfoProfile;
+	}
+
+	public TransformParameter createTransformParameter(String URI, String digestMethod, byte[] digestValue) {
+		TransformPatameterHashImpl transformParameter = new TransformPatameterHashImpl();
+		transformParameter.setURI(URI);
+		transformParameter.setDigestMethod(digestMethod);
+		transformParameter.setDigestValue(digestValue);
+		return transformParameter;
+	}
+
+	public TransformParameter createTransformParameter(String URI, InputStream binaryData) {
+		TransformParameterBinaryImpl transformParameter = new TransformParameterBinaryImpl();
+		transformParameter.setURI(URI);
+		transformParameter.setBinaryContent(binaryData);
+		return transformParameter;
+	}
+
+	public TransformParameter createTransformParameter(String URI) {
+		TransformParameterURIImpl transformParameter = new TransformParameterURIImpl();
+		transformParameter.setURI(URI);
+		return transformParameter;
+	}
+
+	public VerifyXMLSignatureResponse createVerifyXMLSignatureResponse(SignerInfo signerInfo, List hashInputDatas,
+			List referenceInputDatas, ReferencesCheckResult signatureCheck,
+			ReferencesCheckResult signatureManifestCheck, List xmlDsigManifestChecks, CheckResult certificateCheck,
+			List adesFormResults) {
+		VerifyXMLSignatureResponseImpl verifyXMLSignatureResponse = new VerifyXMLSignatureResponseImpl();
+		verifyXMLSignatureResponse.setSignerInfo(signerInfo);
+		verifyXMLSignatureResponse.setHashInputDatas(hashInputDatas);
+		verifyXMLSignatureResponse.setReferenceInputDatas(referenceInputDatas);
+		verifyXMLSignatureResponse.setSignatureCheck(signatureCheck);
+		verifyXMLSignatureResponse.setSignatureManifestCheck(signatureManifestCheck);
+		verifyXMLSignatureResponse.setXMLDsigManifestChecks(xmlDsigManifestChecks);
+		verifyXMLSignatureResponse.setCertificateCheck(certificateCheck);
+		verifyXMLSignatureResponse.setAdESFormResults(adesFormResults);
+		return verifyXMLSignatureResponse;
+	}
+
+	public ReferencesCheckResult createReferencesCheckResult(int code, ReferencesCheckResultInfo info) {
+		ReferencesCheckResultImpl referencesCheckResult = new ReferencesCheckResultImpl();
+		referencesCheckResult.setCode(code);
+		referencesCheckResult.setInfo(info);
+		return referencesCheckResult;
+	}
+
+	public ReferencesCheckResultInfo createReferencesCheckResultInfo(NodeList anyOtherInfo, int[] failedReferences) {
+		ReferencesCheckResultInfoImpl referencesCheckResultInfo = new ReferencesCheckResultInfoImpl();
+		referencesCheckResultInfo.setAnyOtherInfo(anyOtherInfo);
+		referencesCheckResultInfo.setFailedReferences(failedReferences);
+		return referencesCheckResultInfo;
+	}
+
+	public ManifestRefsCheckResult createManifestRefsCheckResult(int code, ManifestRefsCheckResultInfo info) {
+		ManifestRefsCheckResultImpl manifestRefsCheckResult = new ManifestRefsCheckResultImpl();
+		manifestRefsCheckResult.setCode(code);
+		manifestRefsCheckResult.setInfo(info);
+		return manifestRefsCheckResult;
+	}
+
+	public ManifestRefsCheckResultInfo createManifestRefsCheckResultInfo(NodeList anyOtherInfo, int[] failedReferences,
+			int referringSigReference) {
+		ManifestRefsCheckResultInfoImpl manifestRefsCheckResultInfo = new ManifestRefsCheckResultInfoImpl();
+		manifestRefsCheckResultInfo.setAnyOtherInfo(anyOtherInfo);
+		manifestRefsCheckResultInfo.setReferringSignatureReference(referringSigReference);
+		manifestRefsCheckResultInfo.setFailedReferences(failedReferences);
+		return manifestRefsCheckResultInfo;
+	}
+
+	public Content createContent(InputStream binaryData, String referenceURI) {
+		ContentBinaryImpl content = new ContentBinaryImpl();
+		content.setBinaryContent(binaryData);
+		content.setReference(referenceURI);
+		return content;
+	}
+
+	public Content createContent(String locationReferenceURI, String referenceURI) {
+		ContentLocRefImpl content = new ContentLocRefImpl();
+		content.setLocationReferenceURI(locationReferenceURI);
+		content.setReference(referenceURI);
+		return content;
+	}
+
+	public Content createContent(String referenceURI) {
+		ContentReferenceImpl content = new ContentReferenceImpl();
+		content.setReference(referenceURI);
+		return content;
+	}
+
+	public Content createContent(NodeList xmlData, String referenceURI) {
+		ContentXMLImpl content = new ContentXMLImpl();
+		content.setXMLContent(xmlData);
+		content.setReference(referenceURI);
+		return content;
+	}
+
+	public XMLDataObjectAssociation createXMLDataObjectAssociation(MetaInfo metaInfo, Content xmlContent) {
+		XMLDataObjectAssociationImpl xmlDataObjectAssociation = new XMLDataObjectAssociationImpl();
+		xmlDataObjectAssociation.setMetaInfo(metaInfo);
+		xmlDataObjectAssociation.setContent(xmlContent);
+		return xmlDataObjectAssociation;
+	}
+
+	public MetaInfo createMetaInfo(String mimeType, String description, NodeList otherInfo, String type) {
+		MetaInfoImpl metaInfo = new MetaInfoImpl();
+		metaInfo.setMimeType(mimeType);
+		metaInfo.setDescription(description);
+		metaInfo.setAnyElements(otherInfo);
+		metaInfo.setType(type);
+		return metaInfo;
+	}
+
+	public Transform createCanonicalizationTransform(String algorithmURI) {
+		CanonicalizationTransformImpl transform = new CanonicalizationTransformImpl(algorithmURI);
+		return transform;
+	}
+
+	public Transform createExclusiveCanonicalizationTransform(String algorithmURI, List inclusiveNamespacePrefixes) {
+		ExclusiveCanonicalizationTransformImpl transform = new ExclusiveCanonicalizationTransformImpl(algorithmURI);
+		transform.setInclusiveNamespacePrefixes(inclusiveNamespacePrefixes);
+		return transform;
+	}
+
+	public Transform createBase64Transform() {
+		Base64TransformImpl transform = new Base64TransformImpl();
+		return transform;
+	}
+
+	public Transform createEnvelopedSignatureTransform() {
+		EnvelopedSignatureTransformImpl transform = new EnvelopedSignatureTransformImpl();
+		return transform;
+	}
+
+	public Transform createXSLTTransform(Element styleSheet) {
+		XSLTransformImpl transform = new XSLTransformImpl();
+		transform.setStylesheet(styleSheet);
+		return transform;
+	}
+
+	public Transform createXPathTransform(String xPathExpression, Map namespaceDeclarations) {
+		XPathTransformImpl transform = new XPathTransformImpl();
+		transform.setXPathExpression(xPathExpression);
+		transform.setNamespaceDelcarations(namespaceDeclarations);
+		return transform;
+	}
+
+	public Transform createXPathFilter2Transform(List xPathFilters) {
+		XPathFilter2TransformImpl transform = new XPathFilter2TransformImpl();
+		transform.setFilters(xPathFilters);
+		return transform;
+	}
+
+	public XPathFilter createXPathFilter(String filterType, String xPathExpression, Map namespaceDeclarations) {
+		XPathFilterImpl xPathFilter = new XPathFilterImpl();
+		xPathFilter.setFilterType(filterType);
+		xPathFilter.setXPathExpression(xPathExpression);
+		xPathFilter.setNamespaceDelcarations(namespaceDeclarations);
+		return xPathFilter;
+	}
+
+	public CheckResult createCheckResult(int code, NodeList info) {
+		CheckResultImpl checkResult = new CheckResultImpl();
+		checkResult.setCode(code);
+		checkResult.setInfo(info);
+		return checkResult;
+	}
+
+	public SignerInfo createSignerInfo(X509Certificate signerCertificate, boolean qualifiedCertificate,
+			boolean qcSourceTSL, boolean publicAuthority, String publicAuthorityID, boolean sscd, boolean sscdSourceTSL,
+			String issuerCountryCode) {
+		SignerInfoImpl signerInfo = new SignerInfoImpl();
+		signerInfo.setSignerCertificate(signerCertificate);
+		signerInfo.setQualifiedCertificate(qualifiedCertificate);
+		signerInfo.setQCSourceTSL(qcSourceTSL);
+		signerInfo.setPublicAuthority(publicAuthority);
+		signerInfo.setPublicAuhtorityID(publicAuthorityID);
+		signerInfo.setSSCD(sscd);
+		signerInfo.setSSCDSourceTSL(sscdSourceTSL);
+		signerInfo.setIssuerCountryCode(issuerCountryCode);
+		return signerInfo;
+	}
+
+	public X509IssuerSerial createX509IssuerSerial(String issuerName, BigInteger serialNumber) {
+		X509IssuerSerialImpl x509IssuerSerial = new X509IssuerSerialImpl();
+		x509IssuerSerial.setX509IssuerName(issuerName);
+		x509IssuerSerial.setX509SerialNumber(serialNumber);
+		return x509IssuerSerial;
+	}
+
+	@Override
+	public VerifyXMLSignatureRequest createVerifyXMLSignatureRequest(Date dateTime,
+			VerifySignatureInfo verifySignatureInfo, List supplementProfiles,
+			SignatureManifestCheckParams signatureManifestParams, boolean returnHashInputData, String trustProfileID,
+			boolean extendedValidation) {
+		VerifyXMLSignatureRequestImpl verifyXMLSignatureRequest = new VerifyXMLSignatureRequestImpl();
+		verifyXMLSignatureRequest.setDateTime(dateTime);
+		verifyXMLSignatureRequest.setSignatureInfo(verifySignatureInfo);
+		verifyXMLSignatureRequest.setSupplementProfiles(supplementProfiles);
+		verifyXMLSignatureRequest.setSignatureManifestCheckParams(signatureManifestParams);
+		verifyXMLSignatureRequest.setReturnHashInputData(returnHashInputData);
+		verifyXMLSignatureRequest.setTrustProfileId(trustProfileID);
+		verifyXMLSignatureRequest.setExtendedValidation(extendedValidation);
+		return verifyXMLSignatureRequest;
+	}
 
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureRequestImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureRequestImpl.java
index 78d817b..e16717d 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureRequestImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyCMSSignatureRequestImpl.java
@@ -51,6 +51,7 @@ public class VerifyCMSSignatureRequestImpl
   private Date dateTime;
   
   private boolean pdf = false;
+  private boolean extended = false;
 
   /**
    * Sets the indexes of the signatories whose signature should be verified.
@@ -124,4 +125,12 @@ public class VerifyCMSSignatureRequestImpl
 	  return this.pdf;
   }
 
+public synchronized boolean isExtended() {
+	return extended;
+}
+
+public synchronized void setExtended(boolean extended) {
+	this.extended = extended;
+}
+
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureRequestImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureRequestImpl.java
index 1b9be35..91d1917 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureRequestImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/impl/VerifyXMLSignatureRequestImpl.java
@@ -21,7 +21,6 @@
  * that you distribute must include a readable copy of the "NOTICE" text file.
  */
 
-
 package at.gv.egovernment.moa.spss.api.impl;
 
 import java.util.ArrayList;
@@ -39,99 +38,114 @@ import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
  * @author Fatemeh Philippi
  * @version $Id$
  */
-public class VerifyXMLSignatureRequestImpl
-  implements VerifyXMLSignatureRequest {
-  /** Date and time for signature verification. */
-  private Date dateTime;
-  /** The signature to be verified. */
-  private VerifySignatureInfo verifySignatureInfo;
-  /** Supplemental information about the singature. */
-  private List supplementProfiles;
-  /** Additional parameters for checking the signature manifest. */
-  private SignatureManifestCheckParams signatureManifestCheckParams;
-  /** Whether to return the hash input data. */
-  private boolean returnHashInputData;
-  /** The profile ID of the trust profile containing the trusted certificates. 
-   */
-  private String trustProfileId;
-
-  /**
-   * Sets the date and time for signature verification.
-   * 
-   * @param dateTime The date and time for signature verification.
-   */
-  public void setDateTime(Date dateTime) {
-    this.dateTime = dateTime;
-  }
-
-  public Date getDateTime() {
-    return dateTime;
-  }
-
-  /** 
-   * Sets the signature to be verified.
-   * 
-   * @param signatureInfo The signature to be verified.
-   */
-  public void setSignatureInfo(VerifySignatureInfo signatureInfo) {
-    this.verifySignatureInfo = signatureInfo;
-  }
-
-  public VerifySignatureInfo getSignatureInfo() {
-    return verifySignatureInfo;
-  }
-
-  /**
-   * Sets supplemental information about the singature.
-   * @param supplementProfiles
-   */
-  public void setSupplementProfiles(List supplementProfiles) {
-    this.supplementProfiles =
-      supplementProfiles != null
-        ? Collections.unmodifiableList(new ArrayList(supplementProfiles))
-        : null;
-  }
-
-  public List getSupplementProfiles() {
-    return supplementProfiles;
-  }
-
-  /**
-   * Sets supplemental information about the singature.
-   * @param params Supplemental information about the singature.
-   */
-  public void setSignatureManifestCheckParams(SignatureManifestCheckParams params) {
-    this.signatureManifestCheckParams = params;
-  }
-
-  public SignatureManifestCheckParams getSignatureManifestCheckParams() {
-    return signatureManifestCheckParams;
-  }
-
-  /**
-   * Sets whether to return hash input data.
-   * 
-   * @param returnSignedData Whether to return hash input data.
-   */
-  public void setReturnHashInputData(boolean returnSignedData) {
-    this.returnHashInputData = returnSignedData;
-  }
-
-  public boolean getReturnHashInputData() {
-    return returnHashInputData;
-  }
-
-  /**
-   * Sets the profile ID of trusted certificates.
-   * 
-   * @param trustProfileId The profile ID of trusted certificates.
-   */
-  public void setTrustProfileId(String trustProfileId) {
-    this.trustProfileId = trustProfileId;
-  }
-
-  public String getTrustProfileId() {
-    return trustProfileId;
-  }
+public class VerifyXMLSignatureRequestImpl implements VerifyXMLSignatureRequest {
+	/** Date and time for signature verification. */
+	private Date dateTime;
+	/** The signature to be verified. */
+	private VerifySignatureInfo verifySignatureInfo;
+	/** Supplemental information about the singature. */
+	private List supplementProfiles;
+	/** Additional parameters for checking the signature manifest. */
+	private SignatureManifestCheckParams signatureManifestCheckParams;
+	/** Whether to return the hash input data. */
+	private boolean returnHashInputData;
+	private boolean extendedValidation;
+	/**
+	 * The profile ID of the trust profile containing the trusted certificates.
+	 */
+	private String trustProfileId;
+
+	/**
+	 * Sets the date and time for signature verification.
+	 * 
+	 * @param dateTime
+	 *            The date and time for signature verification.
+	 */
+	public void setDateTime(Date dateTime) {
+		this.dateTime = dateTime;
+	}
+
+	public Date getDateTime() {
+		return dateTime;
+	}
+
+	/**
+	 * Sets the signature to be verified.
+	 * 
+	 * @param signatureInfo
+	 *            The signature to be verified.
+	 */
+	public void setSignatureInfo(VerifySignatureInfo signatureInfo) {
+		this.verifySignatureInfo = signatureInfo;
+	}
+
+	public VerifySignatureInfo getSignatureInfo() {
+		return verifySignatureInfo;
+	}
+
+	/**
+	 * Sets supplemental information about the singature.
+	 * 
+	 * @param supplementProfiles
+	 */
+	public void setSupplementProfiles(List supplementProfiles) {
+		this.supplementProfiles = supplementProfiles != null
+				? Collections.unmodifiableList(new ArrayList(supplementProfiles)) : null;
+	}
+
+	public List getSupplementProfiles() {
+		return supplementProfiles;
+	}
+
+	/**
+	 * Sets supplemental information about the singature.
+	 * 
+	 * @param params
+	 *            Supplemental information about the singature.
+	 */
+	public void setSignatureManifestCheckParams(SignatureManifestCheckParams params) {
+		this.signatureManifestCheckParams = params;
+	}
+
+	public SignatureManifestCheckParams getSignatureManifestCheckParams() {
+		return signatureManifestCheckParams;
+	}
+
+	/**
+	 * Sets whether to return hash input data.
+	 * 
+	 * @param returnSignedData
+	 *            Whether to return hash input data.
+	 */
+	public void setReturnHashInputData(boolean returnSignedData) {
+		this.returnHashInputData = returnSignedData;
+	}
+
+	public boolean getReturnHashInputData() {
+		return returnHashInputData;
+	}
+
+	/**
+	 * Sets the profile ID of trusted certificates.
+	 * 
+	 * @param trustProfileId
+	 *            The profile ID of trusted certificates.
+	 */
+	public void setTrustProfileId(String trustProfileId) {
+		this.trustProfileId = trustProfileId;
+	}
+
+	public String getTrustProfileId() {
+		return trustProfileId;
+	}
+
+	public synchronized void setExtendedValidation(boolean extendedValidation) {
+		this.extendedValidation = extendedValidation;
+	}
+
+	@Override
+	public boolean getExtendedValidaiton() {
+		return extendedValidation;
+	}
 
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureRequestParser.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureRequestParser.java
index a8cae9c..3550c27 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureRequestParser.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureRequestParser.java
@@ -40,11 +40,11 @@ import at.gv.egovernment.moa.spss.api.cmssign.SingleSignatureInfo;
 import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
 import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
 import at.gv.egovernment.moa.spss.api.common.MetaInfo;
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.BoolUtils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
+import at.gv.egovernment.moaspss.util.Base64Utils;
+import at.gv.egovernment.moaspss.util.BoolUtils;
+import at.gv.egovernment.moaspss.util.Constants;
+import at.gv.egovernment.moaspss.util.DOMUtils;
+import at.gv.egovernment.moaspss.util.XPathUtils;
 
 /**
  * A parser to parse <code>CreateCMSSignatureRequest</code> DOM trees into
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureResponseBuilder.java
index 907f90d..d808f2b 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateCMSSignatureResponseBuilder.java
@@ -38,8 +38,8 @@ import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureResponse;
 import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureResponseElement;
 import at.gv.egovernment.moa.spss.api.xmlsign.ErrorResponse;
 import at.gv.egovernment.moa.spss.api.xmlsign.SignatureEnvironmentResponse;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moaspss.util.Constants;
+import at.gv.egovernment.moaspss.util.DOMUtils;
 
 /**
  * Convert a <code>CreateCMSSignatureResponse</code> API object into its
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureRequestParser.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureRequestParser.java
index 9cea2fc..d677f88 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureRequestParser.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureRequestParser.java
@@ -30,11 +30,6 @@ import java.util.List;
 import org.w3c.dom.Element;
 import org.w3c.dom.traversal.NodeIterator;
 
-import at.gv.egovernment.moa.util.BoolUtils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.api.SPSSFactory;
 import at.gv.egovernment.moa.spss.api.common.Content;
@@ -44,6 +39,10 @@ import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfoProfile;
 import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureRequest;
 import at.gv.egovernment.moa.spss.api.xmlsign.DataObjectInfo;
 import at.gv.egovernment.moa.spss.api.xmlsign.SingleSignatureInfo;
+import at.gv.egovernment.moaspss.util.BoolUtils;
+import at.gv.egovernment.moaspss.util.Constants;
+import at.gv.egovernment.moaspss.util.DOMUtils;
+import at.gv.egovernment.moaspss.util.XPathUtils;
 
 /**
  * A parser to parse <code>CreateXMLSignatureRequest</code> DOM trees into
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureResponseBuilder.java
index 0af1a67..3c93fce 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureResponseBuilder.java
@@ -30,13 +30,12 @@ import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 
-import at.gv.egovernment.moa.util.Constants;
-
 import at.gv.egovernment.moa.spss.MOASystemException;
 import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponse;
 import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponseElement;
 import at.gv.egovernment.moa.spss.api.xmlsign.ErrorResponse;
 import at.gv.egovernment.moa.spss.api.xmlsign.SignatureEnvironmentResponse;
+import at.gv.egovernment.moaspss.util.Constants;
 
 /**
  * Convert a <code>CreateXMLSignatureResponse</code> API object into its
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ProfileParser.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ProfileParser.java
index 0705c0b..6b34922 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ProfileParser.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ProfileParser.java
@@ -33,11 +33,6 @@ import java.util.Map;
 import org.w3c.dom.Element;
 import org.w3c.dom.traversal.NodeIterator;
 
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.api.SPSSFactory;
 import at.gv.egovernment.moa.spss.api.common.MetaInfo;
@@ -49,6 +44,10 @@ import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfoProfile;
 import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile;
 import at.gv.egovernment.moa.spss.api.xmlverify.TransformParameter;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifyTransformsInfoProfile;
+import at.gv.egovernment.moaspss.util.Base64Utils;
+import at.gv.egovernment.moaspss.util.Constants;
+import at.gv.egovernment.moaspss.util.DOMUtils;
+import at.gv.egovernment.moaspss.util.XPathUtils;
 
 /**
  * Parse the various profile elements contained in the MOA web service requests
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/RequestParserUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/RequestParserUtils.java
index 743a17c..1d53a0c 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/RequestParserUtils.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/RequestParserUtils.java
@@ -21,7 +21,6 @@
  * that you distribute must include a readable copy of the "NOTICE" text file.
  */
 
-
 package at.gv.egovernment.moa.spss.api.xmlbind;
 
 import java.text.ParseException;
@@ -30,17 +29,16 @@ import java.util.Date;
 import org.w3c.dom.Element;
 import org.w3c.dom.NodeList;
 
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.api.SPSSFactory;
 import at.gv.egovernment.moa.spss.api.common.Content;
 import at.gv.egovernment.moa.spss.api.common.MetaInfo;
 import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
+import at.gv.egovernment.moaspss.util.Base64Utils;
+import at.gv.egovernment.moaspss.util.Constants;
+import at.gv.egovernment.moaspss.util.DOMUtils;
+import at.gv.egovernment.moaspss.util.DateTimeUtils;
+import at.gv.egovernment.moaspss.util.XPathUtils;
 
 /**
  * Utility methods for parsing XML requests definied in the MOA XML schema.
@@ -49,133 +47,164 @@ import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
  * @version $Id$
  */
 public class RequestParserUtils {
-  //
-  // XPath expressions for parsing parts of a request
-  //
-  private static final String MOA = Constants.MOA_PREFIX + ":";
-  private static final String REFERENCE_ATTR_NAME = "Reference";
-  private static final String MIME_TYPE_XPATH = MOA + "MimeType";
-  private static final String DESCRIPTION_XPATH = MOA + "Description";
-  private static final String TYPE_XPATH = MOA + "Type";
-  private static final String XML_ASSOC_CONTENT_XPATH = MOA + "Content";
-  private static final String CONTENT_XPATH =
-    MOA + "Base64Content | " + MOA + "XMLContent |" + MOA + "LocRefContent";
-  private static final String ANY_OTHER_XPATH =
-    "*[namespace-uri() != \"" + Constants.MOA_NS_URI + "\"]";
-
-  /**
-   * Parse a <code>XMLDataObjectAssociationType</code> kind of DOM element.
-   * 
-   * @param assocElem The <code>XMLDataObjectAssociationType</code> kind of
-   * DOM elmeent to parse. 
-   * @return The <code>XMLDataObjectAssociation</code> API object containing
-   * the data from the <code>XMLDataObjectAssociationType</code> DOM element.
-   */
-  public static XMLDataObjectAssociation parseXMLDataObjectAssociation(Element assocElem) {
-    SPSSFactory factory = SPSSFactory.getInstance();
-    MetaInfo metaInfo = parseMetaInfo(assocElem);
-    Element contentElem =
-      (Element) XPathUtils.selectSingleNode(assocElem, XML_ASSOC_CONTENT_XPATH);
-    Content content = parseContent(contentElem);
-
-    return factory.createXMLDataObjectAssociation(metaInfo, content);
-  }
-
-  /**
-   * Parse a <code>MetaInfoType</code> kind of DOM element.
-   * 
-   * @param metaInfoElem The <code>MetaInfoType</code> kind of DOM element.
-   * @return The <code>MetaInfo</code> API object containing the data from
-   * the <code>metaInfoElem</code>.
-   */
-  public static MetaInfo parseMetaInfo(Element metaInfoElem) {
-    SPSSFactory factory = SPSSFactory.getInstance();
-    String mimeType =
-      XPathUtils.getElementValue(metaInfoElem, MIME_TYPE_XPATH, null);
-    String description =
-      XPathUtils.getElementValue(metaInfoElem, DESCRIPTION_XPATH, null);
-    NodeList anyOther =
-      XPathUtils.selectNodeList(metaInfoElem, ANY_OTHER_XPATH);
-    String type =
-      XPathUtils.getElementValue(metaInfoElem, TYPE_XPATH, null);
-
-    return factory.createMetaInfo(mimeType, description, anyOther, type);
-  }
-
-  /**
-   * Parse a <code>ContentOptionalRefType</code> or 
-   * <code>ContentRequiredRefType</code> kind of DOM element.
-   * @param contentParentElem The DOM element being the parent of the 
-   * content element.
-   * @return The <code>Content</code> API object containing the data from
-   * the given DOM element.
-   */
-  public static Content parseContent(Element contentParentElem) {
-    SPSSFactory factory = SPSSFactory.getInstance();
-    String referenceURI =
-      contentParentElem.hasAttribute(REFERENCE_ATTR_NAME)
-        ? contentParentElem.getAttribute(REFERENCE_ATTR_NAME)
-        : null;
-    Element contentElem =
-      (Element) XPathUtils.selectSingleNode(contentParentElem, CONTENT_XPATH);
-
-    if (contentElem == null) {
-      return factory.createContent(referenceURI);
-    }
-
-    if ("Base64Content".equals(contentElem.getLocalName())) {
-      String base64String = DOMUtils.getText(contentElem);
-      return factory.createContent(
-        Base64Utils.decodeToStream(base64String, true),
-        referenceURI);
-    } else if ("LocRefContent".equals(contentElem.getLocalName())) {
-      String locationReferenceURI = DOMUtils.getText(contentElem);
-      return factory.createContent(
-        locationReferenceURI,
-        referenceURI);
-    } else { // "XMLContent".equals(contentElem.getLocalName())
-      return factory.createContent(
-        contentElem.getChildNodes(),
-        referenceURI);
-    }
-  }
-
-  /**
-   * Get the signing time from a Verfiy(CMS|XML)SignatureRequest.
-   * 
-   * @param requestElem A <code>Verify(CMS|XML)SignatureRequest</code> DOM 
-   * element.
-   * @param dateTimeXPath The XPath to lookup the <code>DateTime</code> element
-   * within the request.
-   * @return Date The date and time corresponding to the <code>DateTime</code>
-   * element in the request. If no <code>DateTime</code> element exists in the
-   * request, <code>null</code> is returned.
-   * @throws MOAApplicationException An error occurred during a parsing the
-   * <code>DateTime</code> element or creating the return value.
-   */
-  public static Date parseDateTime(Element requestElem, String dateTimeXPath)
-    throws MOAApplicationException {
-
-    Element dateTimeElem;
-    String dateTimeText;
-
-    // select the DateTime element
-    dateTimeElem =
-      (Element) XPathUtils.selectSingleNode(requestElem, dateTimeXPath);
-
-    // parse a date from the element value
-    if (dateTimeElem != null) {
-      dateTimeText = DOMUtils.getText(dateTimeElem);
-      try {
-        return DateTimeUtils.parseDateTime(dateTimeText);
-      } catch (ParseException e) {
-        throw new MOAApplicationException(
-          "1104",
-          new Object[] { dateTimeText });
-      }
-    } else {
-      return null;
-    }
-  }
+	//
+	// XPath expressions for parsing parts of a request
+	//
+	private static final String MOA = Constants.MOA_PREFIX + ":";
+	private static final String REFERENCE_ATTR_NAME = "Reference";
+	private static final String MIME_TYPE_XPATH = MOA + "MimeType";
+	private static final String DESCRIPTION_XPATH = MOA + "Description";
+	private static final String TYPE_XPATH = MOA + "Type";
+	private static final String XML_ASSOC_CONTENT_XPATH = MOA + "Content";
+	private static final String CONTENT_XPATH = MOA + "Base64Content | " + MOA + "XMLContent |" + MOA + "LocRefContent";
+	private static final String ANY_OTHER_XPATH = "*[namespace-uri() != \"" + Constants.MOA_NS_URI + "\"]";
+
+	/**
+	 * Parse a <code>XMLDataObjectAssociationType</code> kind of DOM element.
+	 * 
+	 * @param assocElem
+	 *            The <code>XMLDataObjectAssociationType</code> kind of DOM
+	 *            elmeent to parse.
+	 * @return The <code>XMLDataObjectAssociation</code> API object containing
+	 *         the data from the <code>XMLDataObjectAssociationType</code> DOM
+	 *         element.
+	 */
+	public static XMLDataObjectAssociation parseXMLDataObjectAssociation(Element assocElem) {
+		SPSSFactory factory = SPSSFactory.getInstance();
+		MetaInfo metaInfo = parseMetaInfo(assocElem);
+		Element contentElem = (Element) XPathUtils.selectSingleNode(assocElem, XML_ASSOC_CONTENT_XPATH);
+		Content content = parseContent(contentElem);
+
+		return factory.createXMLDataObjectAssociation(metaInfo, content);
+	}
+
+	/**
+	 * Parse a <code>MetaInfoType</code> kind of DOM element.
+	 * 
+	 * @param metaInfoElem
+	 *            The <code>MetaInfoType</code> kind of DOM element.
+	 * @return The <code>MetaInfo</code> API object containing the data from the
+	 *         <code>metaInfoElem</code>.
+	 */
+	public static MetaInfo parseMetaInfo(Element metaInfoElem) {
+		SPSSFactory factory = SPSSFactory.getInstance();
+		String mimeType = XPathUtils.getElementValue(metaInfoElem, MIME_TYPE_XPATH, null);
+		String description = XPathUtils.getElementValue(metaInfoElem, DESCRIPTION_XPATH, null);
+		NodeList anyOther = XPathUtils.selectNodeList(metaInfoElem, ANY_OTHER_XPATH);
+		String type = XPathUtils.getElementValue(metaInfoElem, TYPE_XPATH, null);
+
+		return factory.createMetaInfo(mimeType, description, anyOther, type);
+	}
+
+	/**
+	 * Parse a <code>ContentOptionalRefType</code> or
+	 * <code>ContentRequiredRefType</code> kind of DOM element.
+	 * 
+	 * @param contentParentElem
+	 *            The DOM element being the parent of the content element.
+	 * @return The <code>Content</code> API object containing the data from the
+	 *         given DOM element.
+	 */
+	public static Content parseContent(Element contentParentElem) {
+		SPSSFactory factory = SPSSFactory.getInstance();
+		String referenceURI = contentParentElem.hasAttribute(REFERENCE_ATTR_NAME)
+				? contentParentElem.getAttribute(REFERENCE_ATTR_NAME) : null;
+		Element contentElem = (Element) XPathUtils.selectSingleNode(contentParentElem, CONTENT_XPATH);
+
+		if (contentElem == null) {
+			return factory.createContent(referenceURI);
+		}
+
+		if ("Base64Content".equals(contentElem.getLocalName())) {
+			String base64String = DOMUtils.getText(contentElem);
+			return factory.createContent(Base64Utils.decodeToStream(base64String, true), referenceURI);
+		} else if ("LocRefContent".equals(contentElem.getLocalName())) {
+			String locationReferenceURI = DOMUtils.getText(contentElem);
+			return factory.createContent(locationReferenceURI, referenceURI);
+		} else { // "XMLContent".equals(contentElem.getLocalName())
+			return factory.createContent(contentElem.getChildNodes(), referenceURI);
+		}
+	}
+
+	/**
+	 * Get the signing time from a Verfiy(CMS|XML)SignatureRequest.
+	 * 
+	 * @param requestElem
+	 *            A <code>Verify(CMS|XML)SignatureRequest</code> DOM element.
+	 * @param dateTimeXPath
+	 *            The XPath to lookup the <code>DateTime</code> element within
+	 *            the request.
+	 * @return Date The date and time corresponding to the <code>DateTime</code>
+	 *         element in the request. If no <code>DateTime</code> element
+	 *         exists in the request, <code>null</code> is returned.
+	 * @throws MOAApplicationException
+	 *             An error occurred during a parsing the <code>DateTime</code>
+	 *             element or creating the return value.
+	 */
+	public static Date parseDateTime(Element requestElem, String dateTimeXPath) throws MOAApplicationException {
+
+		Element dateTimeElem;
+		String dateTimeText;
+
+		// select the DateTime element
+		dateTimeElem = (Element) XPathUtils.selectSingleNode(requestElem, dateTimeXPath);
+
+		// parse a date from the element value
+		if (dateTimeElem != null) {
+			dateTimeText = DOMUtils.getText(dateTimeElem);
+			try {
+				return DateTimeUtils.parseDateTime(dateTimeText);
+			} catch (ParseException e) {
+				throw new MOAApplicationException("1104", new Object[] { dateTimeText });
+			}
+		} else {
+			return null;
+		}
+	}
+
+	/**
+	 * Get the signing time from a Verfiy(CMS|XML)SignatureRequest.
+	 * 
+	 * @param requestElem
+	 *            A <code>Verify(CMS|XML)SignatureRequest</code> DOM element.
+	 * @param dateTimeXPath
+	 *            The XPath to lookup the <code>DateTime</code> element within
+	 *            the request.
+	 * @return Date The date and time corresponding to the <code>DateTime</code>
+	 *         element in the request. If no <code>DateTime</code> element
+	 *         exists in the request, <code>null</code> is returned.
+	 * @throws MOAApplicationException
+	 *             An error occurred during a parsing the <code>DateTime</code>
+	 *             element or creating the return value.
+	 */
+	public static boolean parseExtendedValidation(Element requestElem, String extendedValidationXPath,
+			boolean defaultValue) throws MOAApplicationException {
+
+		Element dateTimeElem;
+		String dateTimeText;
+
+		// select the DateTime element
+		dateTimeElem = (Element) XPathUtils.selectSingleNode(requestElem, extendedValidationXPath);
+
+		// parse a date from the element value
+		if (dateTimeElem != null) {
+			dateTimeText = DOMUtils.getText(dateTimeElem);
+				String xsdBoolean = dateTimeText.trim();
+				if ("".equals(xsdBoolean))
+					return defaultValue;
+				switch (xsdBoolean) {
+				case "true":
+				case "1":
+					return true;
+				case "false":
+				case "0":
+					return false;
+				default:
+					return false;
+				}
+		} else {
+			return defaultValue;
+		}
+	}
 
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java
index eaafe00..a6ed83d 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/ResponseBuilderUtils.java
@@ -39,12 +39,10 @@ import org.w3c.dom.NodeList;
 
 import iaik.utils.RFC2253NameParser;
 import iaik.utils.RFC2253NameParserException;
-
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.Constants;
-
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.MOASystemException;
+import at.gv.egovernment.moaspss.util.Base64Utils;
+import at.gv.egovernment.moaspss.util.Constants;
 
 /**
  * Utility methods used by the verious <code>ResponseBuilder</code> classes.
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/TransformParser.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/TransformParser.java
index 687b0ae..6dc4803 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/TransformParser.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/TransformParser.java
@@ -32,10 +32,6 @@ import java.util.StringTokenizer;
 import org.w3c.dom.Element;
 import org.w3c.dom.traversal.NodeIterator;
 
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.api.SPSSFactory;
 import at.gv.egovernment.moa.spss.api.common.Base64Transform;
@@ -47,6 +43,9 @@ import at.gv.egovernment.moa.spss.api.common.XPathFilter;
 import at.gv.egovernment.moa.spss.api.common.XPathFilter2Transform;
 import at.gv.egovernment.moa.spss.api.common.XPathTransform;
 import at.gv.egovernment.moa.spss.api.common.XSLTTransform;
+import at.gv.egovernment.moaspss.util.Constants;
+import at.gv.egovernment.moaspss.util.DOMUtils;
+import at.gv.egovernment.moaspss.util.XPathUtils;
 
 /**
  * A parser to parse XMLDsig <code>Transform</code> DOM elements into their
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java
index bc92b7a..97a2541 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParser.java
@@ -33,18 +33,17 @@ import java.util.StringTokenizer;
 
 import org.w3c.dom.Element;
 
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.CollectionUtils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.api.SPSSFactory;
 import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
 import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
 import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
 import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+import at.gv.egovernment.moaspss.util.Base64Utils;
+import at.gv.egovernment.moaspss.util.CollectionUtils;
+import at.gv.egovernment.moaspss.util.Constants;
+import at.gv.egovernment.moaspss.util.DOMUtils;
+import at.gv.egovernment.moaspss.util.XPathUtils;
 
 /**
  * A parser to parse <code>VerifyCMSSignatureRequest</code> DOM trees into
@@ -60,6 +59,7 @@ public class VerifyCMSSignatureRequestParser {
   //
   private static final String MOA = Constants.MOA_PREFIX + ":";
   private static final String DATE_TIME_XPATH = MOA + "DateTime";
+  private static final String EXTENDED_VALIDATION_XPATH = MOA + "ExtendedValidation";
   private static final String CMS_SIGNATURE_XPATH = MOA + "CMSSignature";
   private static final String TRUST_PROFILE_ID_XPATH = MOA + "TrustProfileID";
   private static final String DATA_OBJECT_XPATH = MOA + "DataObject";
@@ -73,6 +73,44 @@ public class VerifyCMSSignatureRequestParser {
   /** The <code>SPSSFactory</code> for creating new API objects. */
   private SPSSFactory factory = SPSSFactory.getInstance();
 
+  /**
+   * Parse a <code>VerifyCMSSignatureRequest</code> DOM element, as defined
+   * by the MOA schema.
+   * 
+   * @param requestElem The <code>VerifyCMSSignatureRequest</code> to parse. The
+   * request must have been successfully parsed against the schema for this
+   * method to succeed.
+   * @return A <code>VerifyCMSSignatureRequest</code> API objects containing
+   * the data from the DOM element.
+   * @throws MOAApplicationException An error occurred parsing the request.
+   */
+  public VerifyCMSSignatureRequest parsePDF(Element requestElem)
+    throws MOAApplicationException {
+
+    int[] signatories = parseSignatories(requestElem);
+    Date dateTime =
+      RequestParserUtils.parseDateTime(requestElem, DATE_TIME_XPATH);
+    boolean extendedValidation = 
+    		RequestParserUtils.parseExtendedValidation(requestElem, EXTENDED_VALIDATION_XPATH, false);
+    
+    String cmsSignatureStr =
+      XPathUtils.getElementValue(requestElem, CMS_SIGNATURE_XPATH, "");
+    CMSDataObject dataObject = parseDataObject(requestElem);
+    String trustProfileID =
+      XPathUtils.getElementValue(requestElem, TRUST_PROFILE_ID_XPATH, null);
+    InputStream cmsSignature =
+      Base64Utils.decodeToStream(cmsSignatureStr, true);
+
+    return factory.createVerifyCMSSignatureRequest(
+      signatories,
+      dateTime,
+      cmsSignature,
+      dataObject,
+      trustProfileID,
+      true,
+      extendedValidation);
+  }
+  
   /**
    * Parse a <code>VerifyCMSSignatureRequest</code> DOM element, as defined
    * by the MOA schema.
@@ -90,6 +128,9 @@ public class VerifyCMSSignatureRequestParser {
     int[] signatories = parseSignatories(requestElem);
     Date dateTime =
       RequestParserUtils.parseDateTime(requestElem, DATE_TIME_XPATH);
+    boolean extendedValidation = 
+    		RequestParserUtils.parseExtendedValidation(requestElem, EXTENDED_VALIDATION_XPATH, false);
+    
     String cmsSignatureStr =
       XPathUtils.getElementValue(requestElem, CMS_SIGNATURE_XPATH, "");
     CMSDataObject dataObject = parseDataObject(requestElem);
@@ -104,7 +145,8 @@ public class VerifyCMSSignatureRequestParser {
       cmsSignature,
       dataObject,
       trustProfileID,
-      false);
+      false,
+      extendedValidation);
   }
 
   /**
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java
index b11560b..cefecac 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureResponseBuilder.java
@@ -35,6 +35,7 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
 import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
 import at.gv.egovernment.moa.spss.api.common.CheckResult;
 import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults;
 
 /**
  * Convert a <code>VerifyCMSSignatureResponse</code> API object into its
@@ -60,7 +61,7 @@ public class VerifyCMSSignatureResponseBuilder {
       ResponseBuilderUtils.createResponse("VerifyCMSSignatureResponse");
     responseElem = responseDoc.getDocumentElement();
   }
-
+  
   /**
    * Build a document containing a <code>VerifyCMSSignatureResponse</code>
    * DOM element being the XML representation of the given 
@@ -82,7 +83,7 @@ public class VerifyCMSSignatureResponseBuilder {
         (VerifyCMSSignatureResponseElement) iter.next();
       addResponseElement(responseElement);
     }
-
+    
     return responseDoc;
   }
 
@@ -125,6 +126,19 @@ public class VerifyCMSSignatureResponseBuilder {
       certCheck.getCode(),
       certCheck.getInfo());
     
+
+    if (responseElement.getAdESFormResults() != null) {
+
+		Iterator formIterator = responseElement.getAdESFormResults().iterator();
+
+		while (formIterator.hasNext()) {
+			AdESFormResults adESFormResult = (AdESFormResults) formIterator.next();
+			// add the CertificateCheck
+			ResponseBuilderUtils.addFormCheckElement(responseDoc, responseElem, "FormCheckResult",
+					adESFormResult.getCode().intValue(), adESFormResult.getName());
+
+		}
+	}
     
   }
 
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java
new file mode 100644
index 0000000..cc44c29
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyPDFSignatureResponseBuilder.java
@@ -0,0 +1,145 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.spss.api.xmlbind;
+
+import java.util.Iterator;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOASystemException;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
+import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults;
+
+/**
+ * Convert a <code>VerifyCMSSignatureResponse</code> API object into its
+ * XML representation, according to the MOA XML schema.
+ * 
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class VerifyPDFSignatureResponseBuilder {
+  /** The XML document containing the response element. */
+  private Document responseDoc;
+  /** The response <code>VerifyCMSSignatureResponse</code> DOM element. */
+  private Element responseElem;
+
+  /**
+   * Create a new <code>VerifyCMSSignatureResponseBuilder</code>:
+   * 
+   * @throws MOASystemException An error occurred setting up the resulting
+   * XML document.
+   */
+  public VerifyPDFSignatureResponseBuilder() throws MOASystemException {
+    responseDoc =
+      ResponseBuilderUtils.createResponse("VerifyPDFSignatureResponse");
+    responseElem = responseDoc.getDocumentElement();
+  }
+  
+  /**
+   * Build a document containing a <code>VerifyCMSSignatureResponse</code>
+   * DOM element being the XML representation of the given 
+   * <code>VerifyCMSSignatureResponse</code> API object.
+   * 
+   * @param response The <code>VerifyCMSSignatureResponse</code> to convert
+   * to XML.
+   * @return A document containing the <code>VerifyCMSSignatureResponse</code>
+   * DOM element.
+   * @throws MOAApplicationException An error occurred building the response.
+   */
+  public Document build(VerifyCMSSignatureResponse response)
+    throws MOAApplicationException {
+
+    Iterator iter;
+
+    for (iter = response.getResponseElements().iterator(); iter.hasNext();) {
+      VerifyCMSSignatureResponseElement responseElement =
+        (VerifyCMSSignatureResponseElement) iter.next();
+      addResponseElement(responseElement);
+    }
+    
+    return responseDoc;
+  }
+
+  /**
+   * Add an element to the response.
+   * 
+   * @param responseElement The element to add to the response.
+   * @throws MOAApplicationException An error occurred adding the element.
+   */
+  private void addResponseElement(VerifyCMSSignatureResponseElement responseElement)
+    throws MOAApplicationException {
+
+    SignerInfo signerInfo = responseElement.getSignerInfo();
+    CheckResult signatureCheck = responseElement.getSignatureCheck();
+    CheckResult certCheck = responseElement.getCertificateCheck();
+    
+    ResponseBuilderUtils.addSignerInfo(
+      responseDoc,
+      responseElem,
+      signerInfo.getSignerCertificate(),
+      signerInfo.isQualifiedCertificate(),
+      signerInfo.getQCSource(),
+      signerInfo.isPublicAuthority(),
+      signerInfo.getPublicAuhtorityID(),
+      signerInfo.isSSCD(),
+      signerInfo.getSSCDSource(),
+      signerInfo.getIssuerCountryCode());
+
+    ResponseBuilderUtils.addCodeInfoElement(
+      responseDoc,
+      responseElem,
+      "SignatureCheck",
+      signatureCheck.getCode(),
+      signatureCheck.getInfo());
+
+    ResponseBuilderUtils.addCodeInfoElement(
+      responseDoc,
+      responseElem,
+      "CertificateCheck",
+      certCheck.getCode(),
+      certCheck.getInfo());
+    
+
+    if (responseElement.getAdESFormResults() != null) {
+
+		Iterator formIterator = responseElement.getAdESFormResults().iterator();
+
+		while (formIterator.hasNext()) {
+			AdESFormResults adESFormResult = (AdESFormResults) formIterator.next();
+			// add the CertificateCheck
+			ResponseBuilderUtils.addFormCheckElement(responseDoc, responseElem, "FormCheckResult",
+					adESFormResult.getCode().intValue(), adESFormResult.getName());
+
+		}
+	}
+    
+  }
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureRequestParser.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureRequestParser.java
index 7bd0b9e..f1bb1d7 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureRequestParser.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureRequestParser.java
@@ -21,7 +21,6 @@
  * that you distribute must include a readable copy of the "NOTICE" text file.
  */
 
-
 package at.gv.egovernment.moa.spss.api.xmlbind;
 
 import java.util.ArrayList;
@@ -32,11 +31,6 @@ import java.util.Map;
 import org.w3c.dom.Element;
 import org.w3c.dom.traversal.NodeIterator;
 
-import at.gv.egovernment.moa.util.BoolUtils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.api.SPSSFactory;
 import at.gv.egovernment.moa.spss.api.common.Content;
@@ -46,6 +40,10 @@ import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+import at.gv.egovernment.moaspss.util.BoolUtils;
+import at.gv.egovernment.moaspss.util.Constants;
+import at.gv.egovernment.moaspss.util.DOMUtils;
+import at.gv.egovernment.moaspss.util.XPathUtils;
 
 /**
  * @author Patrick Peck
@@ -53,32 +51,28 @@ import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
  */
 public class VerifyXMLSignatureRequestParser {
 
-  //
-  // XPath expressions for parsing parts of the request
-  //
-  private static final String MOA = Constants.MOA_PREFIX + ":";
-  private static final String DATE_TIME_XPATH = MOA + "DateTime";
-  private static final String RETURN_HASH_INPUT_DATA_XPATH =
-    MOA + "ReturnHashInputData";
-  private static final String TRUST_PROFILE_ID_XPATH = MOA + "TrustProfileID";
-  private static final String VERIFY_SIGNATURE_ENVIRONMENT_XPATH =
-    MOA + "VerifySignatureInfo/" + MOA + "VerifySignatureEnvironment";
-  private static final String VERIFY_SIGNATURE_LOCATION_XPATH =
-    MOA + "VerifySignatureInfo/" + MOA + "VerifySignatureLocation";
-  private static final String SUPPLEMENT_PROFILE_XPATH =
-    MOA + "SupplementProfile | " + MOA + "SupplementProfileID";
-  private static final String SIGNATURE_MANIFEST_CHECK_PARAMS_XPATH =
-    MOA + "SignatureManifestCheckParams";
-  private static final String VERIFY_TRANSFORMS_INFO_PROFILE_XPATH =
-    (MOA + "VerifyTransformsInfoProfile | ")
-      + (MOA + "VerifyTransformsInfoProfileID");
-  private static final String REFERENCE_INFO_XPATH = MOA + "ReferenceInfo";
-
-  /** The <code>SPSSFactory</code> for creating new API objects. */
-  private SPSSFactory factory = SPSSFactory.getInstance();
-
-
-  /**
+	//
+	// XPath expressions for parsing parts of the request
+	//
+	private static final String MOA = Constants.MOA_PREFIX + ":";
+	private static final String DATE_TIME_XPATH = MOA + "DateTime";
+	private static final String EXTENDED_VALIDATION_XPATH = MOA + "ExtendedValidation";
+	private static final String RETURN_HASH_INPUT_DATA_XPATH = MOA + "ReturnHashInputData";
+	private static final String TRUST_PROFILE_ID_XPATH = MOA + "TrustProfileID";
+	private static final String VERIFY_SIGNATURE_ENVIRONMENT_XPATH = MOA + "VerifySignatureInfo/" + MOA
+			+ "VerifySignatureEnvironment";
+	private static final String VERIFY_SIGNATURE_LOCATION_XPATH = MOA + "VerifySignatureInfo/" + MOA
+			+ "VerifySignatureLocation";
+	private static final String SUPPLEMENT_PROFILE_XPATH = MOA + "SupplementProfile | " + MOA + "SupplementProfileID";
+	private static final String SIGNATURE_MANIFEST_CHECK_PARAMS_XPATH = MOA + "SignatureManifestCheckParams";
+	private static final String VERIFY_TRANSFORMS_INFO_PROFILE_XPATH = (MOA + "VerifyTransformsInfoProfile | ")
+			+ (MOA + "VerifyTransformsInfoProfileID");
+	private static final String REFERENCE_INFO_XPATH = MOA + "ReferenceInfo";
+
+	/** The <code>SPSSFactory</code> for creating new API objects. */
+	private SPSSFactory factory = SPSSFactory.getInstance();
+
+	/**
    * Parse a <code>VerifyXMLSignatureRequest</code> DOM element, as defined
    * by the MOA schema.
    * 
@@ -94,6 +88,10 @@ public class VerifyXMLSignatureRequestParser {
 
     Date dateTime =
       RequestParserUtils.parseDateTime(requestElem, DATE_TIME_XPATH);
+    
+    boolean extendedValidation = 
+    		RequestParserUtils.parseExtendedValidation(requestElem, EXTENDED_VALIDATION_XPATH, false);
+    
     VerifySignatureInfo verifySignatureInfo =
       parseVerifySignatureInfo(requestElem);
     List supplementProfiles = parseSupplementProfiles(requestElem);
@@ -111,189 +109,178 @@ public class VerifyXMLSignatureRequestParser {
       supplementProfiles,
       signatureManifestCheckParams,
       returnHashInputData,
-      trustProfileID);
-  }
-
-  /**
-   * Parse the <code>VerifySignatureInfo</code> DOM element contained in
-   * the <code>VerifyXMLSignatureRequest</code> DOM element.
-   * 
-   * @param requestElem The <code>VerifyXMLSignatureRequest</code> DOM element
-   * containing the <code>VerifySignatureInfo</code> DOM element.
-   * @return The <code>VerifySignatureInfo</code> API object containing the
-   * data from the DOM element.
-   */
-  private VerifySignatureInfo parseVerifySignatureInfo(Element requestElem) {
-    Element verifySignatureEnvironmentElem =
-      (Element) XPathUtils.selectSingleNode(
-        requestElem,
-        VERIFY_SIGNATURE_ENVIRONMENT_XPATH);
-    Content verifySignatureEnvironment =
-      RequestParserUtils.parseContent(verifySignatureEnvironmentElem);
-    VerifySignatureLocation verifySignatureLocation =
-      parseVerifySignatureLocation(requestElem);
-
-    return factory.createVerifySignatureInfo(
-      verifySignatureEnvironment,
-      verifySignatureLocation);
-  }
-
-  /**
-   * Parse the <code>VerifySignatureLocation</code> DOM element contained
-   * in the given <code>VerifyXMLSignatureRequest</code> DOM element.
-   * 
-   * @param requestElem The <code>VerifyXMLSignatureRequst</code> DOM element.
-   * @return The <code>VerifySignatureLocation</code> API object containing the
-   * data from the DOM element.
-   */
-  private VerifySignatureLocation parseVerifySignatureLocation(Element requestElem) {
-    Element locationElem =
-      (Element) XPathUtils.selectSingleNode(
-        requestElem,
-        VERIFY_SIGNATURE_LOCATION_XPATH);
-    String xPathExpression = DOMUtils.getText(locationElem);
-    Map namespaceDeclarations = DOMUtils.getNamespaceDeclarations(locationElem);
-
-    return factory.createVerifySignatureLocation(
-      xPathExpression,
-      namespaceDeclarations);
-  }
-
-  /**
-   * Parse the supplement profiles contained in the given 
-   * <code>VerifyXMLSignatureRequest</code> DOM element.
-   * 
-   * @param requestElem The <code>VerifyXMLSignatureRequest</code> DOM element.
-   * @return A <code>List</code> of <code>SupplementProfile</code> API objects
-   * containing the data from the <code>SupplementProfile</code> DOM elements.
-   */
-  private List parseSupplementProfiles(Element requestElem) {
-    List supplementProfiles = new ArrayList();
-    NodeIterator profileElems =
-      XPathUtils.selectNodeIterator(requestElem, SUPPLEMENT_PROFILE_XPATH);
-    Element profileElem;
-
-    while ((profileElem = (Element) profileElems.nextNode()) != null) {
-      SupplementProfile profile;
-
-      if ("SupplementProfile".equals(profileElem.getLocalName())) {
-        ProfileParser profileParser = new ProfileParser();
-        profile = profileParser.parseSupplementProfile(profileElem);
-      } else {
-        String profileID = DOMUtils.getText(profileElem);
-        profile = factory.createSupplementProfile(profileID);
-      }
-      supplementProfiles.add(profile);
-    }
-    return supplementProfiles;
-  }
-
-  /**
-   * Parse the <code>SignatureManifestCheckParams</code> DOM element contained
-   * in the given <code>VerifyXMLSignatureRequest</code> DOM element.
-   * @param requestElem The <code>VerifyXMLSignatureRequest</code> DOM element.
-   * @return The <code>SignatureManifestCheckParams</code> API object containing
-   * the data from the <code>SignatureManifestCheckParams</code> DOM element.
-   * @throws MOAApplicationException An error occurred parsing the
-   * <code>SignatureManifestCheckParams</code> DOM element.
-   */
-  private SignatureManifestCheckParams parseSignatureManifestCheckParams(Element requestElem)
-    throws MOAApplicationException {
-    Element paramsElem =
-      (Element) XPathUtils.selectSingleNode(
-        requestElem,
-        SIGNATURE_MANIFEST_CHECK_PARAMS_XPATH);
-
-    if (paramsElem != null) {
-      String returnReferenceInputDataStr =
-        paramsElem.getAttribute("ReturnReferenceInputData");
-      boolean returnReferencInputData =
-        BoolUtils.valueOf(returnReferenceInputDataStr);
-      List referenceInfos = parseReferenceInfos(paramsElem);
-
-      return factory.createSignatureManifestCheckParams(
-        referenceInfos,
-        returnReferencInputData);
-    } else {
-      return null;
-    }
+      trustProfileID,
+      extendedValidation);
   }
 
-  /**
-   * Parse the <code>ReferenceInfo</code> DOM elements contained in a
-   * <code>SignatureManifestCheckParams</code> DOM element.
-   * 
-   * @param paramsElem The <code>SignatureManifestCheckParams</code> DOM element
-   * containing the <code>ReferenceInfo</code> DOM elements.
-   * @return A <code>List</code> of <code>RefernceInfo</code> API objects
-   * containing the data from the <code>ReferenceInfo</code> DOM elements.
-   * @throws MOAApplicationException An error occurred parsing the 
-   * <code>ReferenceInfo</code> DOM elements.
-   */
-  private List parseReferenceInfos(Element paramsElem)
-    throws MOAApplicationException {
-
-    List referenceInfos = new ArrayList();
-    NodeIterator refInfoElems =
-      XPathUtils.selectNodeIterator(paramsElem, REFERENCE_INFO_XPATH);
-    Element refInfoElem;
-
-    while ((refInfoElem = (Element) refInfoElems.nextNode()) != null) {
-      ReferenceInfo referenceInfo = parseReferenceInfo(refInfoElem);
-
-      referenceInfos.add(referenceInfo);
-    }
-
-    return referenceInfos;
-  }
-
-  /**
-   * Parse a <code>ReferenceInfo</code> DOM element.
-   *  
-   * @param refInfoElem The <code>ReferenceInfo</code> DOM element to parse.
-   * @return The <code>ReferenceInfo</code> API object containing the data
-   * from the given <code>ReferenceInfo</code> DOM element.
-   * @throws MOAApplicationException An error occurred parsing the
-   * <code>ReferenceInfo</code> DOM element.
-   */
-  private ReferenceInfo parseReferenceInfo(Element refInfoElem)
-    throws MOAApplicationException {
-    List profiles = parseVerifyTransformsInfoProfiles(refInfoElem);
-    return factory.createReferenceInfo(profiles);
-  }
-
-  /**
-   * Parse the <code>VerifyTransformsInfoProfile</code> DOM elements contained
-   * in a <code>ReferenceInfo</code> DOM element.
-   * 
-   * @param refInfoElem <code>ReferenceInfo</code> DOM element containing
-   * the <code>VerifyTransformsInfoProfile</code> DOM elements.
-   * @return A <code>List</code> of <code>VerifyTransformsInfoProfile</code>
-   * API objects containing the profile data.
-   * @throws MOAApplicationException An error occurred building the
-   * <code>VerifyTransformsInfoProfile</code>s.
-   */
-  private List parseVerifyTransformsInfoProfiles(Element refInfoElem)
-    throws MOAApplicationException {
-
-    List profiles = new ArrayList();
-    NodeIterator profileElems =
-      XPathUtils.selectNodeIterator(
-        refInfoElem,
-        VERIFY_TRANSFORMS_INFO_PROFILE_XPATH);
-    Element profileElem;
-
-    while ((profileElem = (Element) profileElems.nextNode()) != null) {
-      if ("VerifyTransformsInfoProfile".equals(profileElem.getLocalName())) {
-        ProfileParser profileParser = new ProfileParser();
-        profiles.add(
-          profileParser.parseVerifyTransformsInfoProfile(profileElem));
-      } else {
-        String profileID = DOMUtils.getText(profileElem);
-        profiles.add(factory.createVerifyTransformsInfoProfile(profileID));
-      }
-    }
-    return profiles;
-  }
+	/**
+	 * Parse the <code>VerifySignatureInfo</code> DOM element contained in the
+	 * <code>VerifyXMLSignatureRequest</code> DOM element.
+	 * 
+	 * @param requestElem
+	 *            The <code>VerifyXMLSignatureRequest</code> DOM element
+	 *            containing the <code>VerifySignatureInfo</code> DOM element.
+	 * @return The <code>VerifySignatureInfo</code> API object containing the
+	 *         data from the DOM element.
+	 */
+	private VerifySignatureInfo parseVerifySignatureInfo(Element requestElem) {
+		Element verifySignatureEnvironmentElem = (Element) XPathUtils.selectSingleNode(requestElem,
+				VERIFY_SIGNATURE_ENVIRONMENT_XPATH);
+		Content verifySignatureEnvironment = RequestParserUtils.parseContent(verifySignatureEnvironmentElem);
+		VerifySignatureLocation verifySignatureLocation = parseVerifySignatureLocation(requestElem);
+
+		return factory.createVerifySignatureInfo(verifySignatureEnvironment, verifySignatureLocation);
+	}
+
+	/**
+	 * Parse the <code>VerifySignatureLocation</code> DOM element contained in
+	 * the given <code>VerifyXMLSignatureRequest</code> DOM element.
+	 * 
+	 * @param requestElem
+	 *            The <code>VerifyXMLSignatureRequst</code> DOM element.
+	 * @return The <code>VerifySignatureLocation</code> API object containing
+	 *         the data from the DOM element.
+	 */
+	private VerifySignatureLocation parseVerifySignatureLocation(Element requestElem) {
+		Element locationElem = (Element) XPathUtils.selectSingleNode(requestElem, VERIFY_SIGNATURE_LOCATION_XPATH);
+		String xPathExpression = DOMUtils.getText(locationElem);
+		Map namespaceDeclarations = DOMUtils.getNamespaceDeclarations(locationElem);
+
+		return factory.createVerifySignatureLocation(xPathExpression, namespaceDeclarations);
+	}
+
+	/**
+	 * Parse the supplement profiles contained in the given
+	 * <code>VerifyXMLSignatureRequest</code> DOM element.
+	 * 
+	 * @param requestElem
+	 *            The <code>VerifyXMLSignatureRequest</code> DOM element.
+	 * @return A <code>List</code> of <code>SupplementProfile</code> API objects
+	 *         containing the data from the <code>SupplementProfile</code> DOM
+	 *         elements.
+	 */
+	private List parseSupplementProfiles(Element requestElem) {
+		List supplementProfiles = new ArrayList();
+		NodeIterator profileElems = XPathUtils.selectNodeIterator(requestElem, SUPPLEMENT_PROFILE_XPATH);
+		Element profileElem;
+
+		while ((profileElem = (Element) profileElems.nextNode()) != null) {
+			SupplementProfile profile;
+
+			if ("SupplementProfile".equals(profileElem.getLocalName())) {
+				ProfileParser profileParser = new ProfileParser();
+				profile = profileParser.parseSupplementProfile(profileElem);
+			} else {
+				String profileID = DOMUtils.getText(profileElem);
+				profile = factory.createSupplementProfile(profileID);
+			}
+			supplementProfiles.add(profile);
+		}
+		return supplementProfiles;
+	}
+
+	/**
+	 * Parse the <code>SignatureManifestCheckParams</code> DOM element contained
+	 * in the given <code>VerifyXMLSignatureRequest</code> DOM element.
+	 * 
+	 * @param requestElem
+	 *            The <code>VerifyXMLSignatureRequest</code> DOM element.
+	 * @return The <code>SignatureManifestCheckParams</code> API object
+	 *         containing the data from the
+	 *         <code>SignatureManifestCheckParams</code> DOM element.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing the
+	 *             <code>SignatureManifestCheckParams</code> DOM element.
+	 */
+	private SignatureManifestCheckParams parseSignatureManifestCheckParams(Element requestElem)
+			throws MOAApplicationException {
+		Element paramsElem = (Element) XPathUtils.selectSingleNode(requestElem, SIGNATURE_MANIFEST_CHECK_PARAMS_XPATH);
+
+		if (paramsElem != null) {
+			String returnReferenceInputDataStr = paramsElem.getAttribute("ReturnReferenceInputData");
+			boolean returnReferencInputData = BoolUtils.valueOf(returnReferenceInputDataStr);
+			List referenceInfos = parseReferenceInfos(paramsElem);
+
+			return factory.createSignatureManifestCheckParams(referenceInfos, returnReferencInputData);
+		} else {
+			return null;
+		}
+	}
+
+	/**
+	 * Parse the <code>ReferenceInfo</code> DOM elements contained in a
+	 * <code>SignatureManifestCheckParams</code> DOM element.
+	 * 
+	 * @param paramsElem
+	 *            The <code>SignatureManifestCheckParams</code> DOM element
+	 *            containing the <code>ReferenceInfo</code> DOM elements.
+	 * @return A <code>List</code> of <code>RefernceInfo</code> API objects
+	 *         containing the data from the <code>ReferenceInfo</code> DOM
+	 *         elements.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing the <code>ReferenceInfo</code> DOM
+	 *             elements.
+	 */
+	private List parseReferenceInfos(Element paramsElem) throws MOAApplicationException {
+
+		List referenceInfos = new ArrayList();
+		NodeIterator refInfoElems = XPathUtils.selectNodeIterator(paramsElem, REFERENCE_INFO_XPATH);
+		Element refInfoElem;
+
+		while ((refInfoElem = (Element) refInfoElems.nextNode()) != null) {
+			ReferenceInfo referenceInfo = parseReferenceInfo(refInfoElem);
+
+			referenceInfos.add(referenceInfo);
+		}
+
+		return referenceInfos;
+	}
+
+	/**
+	 * Parse a <code>ReferenceInfo</code> DOM element.
+	 * 
+	 * @param refInfoElem
+	 *            The <code>ReferenceInfo</code> DOM element to parse.
+	 * @return The <code>ReferenceInfo</code> API object containing the data
+	 *         from the given <code>ReferenceInfo</code> DOM element.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing the <code>ReferenceInfo</code> DOM
+	 *             element.
+	 */
+	private ReferenceInfo parseReferenceInfo(Element refInfoElem) throws MOAApplicationException {
+		List profiles = parseVerifyTransformsInfoProfiles(refInfoElem);
+		return factory.createReferenceInfo(profiles);
+	}
+
+	/**
+	 * Parse the <code>VerifyTransformsInfoProfile</code> DOM elements contained
+	 * in a <code>ReferenceInfo</code> DOM element.
+	 * 
+	 * @param refInfoElem
+	 *            <code>ReferenceInfo</code> DOM element containing the
+	 *            <code>VerifyTransformsInfoProfile</code> DOM elements.
+	 * @return A <code>List</code> of <code>VerifyTransformsInfoProfile</code>
+	 *         API objects containing the profile data.
+	 * @throws MOAApplicationException
+	 *             An error occurred building the
+	 *             <code>VerifyTransformsInfoProfile</code>s.
+	 */
+	private List parseVerifyTransformsInfoProfiles(Element refInfoElem) throws MOAApplicationException {
+
+		List profiles = new ArrayList();
+		NodeIterator profileElems = XPathUtils.selectNodeIterator(refInfoElem, VERIFY_TRANSFORMS_INFO_PROFILE_XPATH);
+		Element profileElem;
+
+		while ((profileElem = (Element) profileElems.nextNode()) != null) {
+			if ("VerifyTransformsInfoProfile".equals(profileElem.getLocalName())) {
+				ProfileParser profileParser = new ProfileParser();
+				profiles.add(profileParser.parseVerifyTransformsInfoProfile(profileElem));
+			} else {
+				String profileID = DOMUtils.getText(profileElem);
+				profiles.add(factory.createVerifyTransformsInfoProfile(profileID));
+			}
+		}
+		return profiles;
+	}
 
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java
index bc949fa..2109b35 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureResponseBuilder.java
@@ -32,9 +32,9 @@ import org.w3c.dom.DocumentFragment;
 import org.w3c.dom.Element;
 import org.w3c.dom.NodeList;
 
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moaspss.logging.Logger;
+import at.gv.egovernment.moaspss.util.Base64Utils;
+import at.gv.egovernment.moaspss.util.Constants;
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.MOASystemException;
 import at.gv.egovernment.moa.spss.api.common.Content;
@@ -137,23 +137,18 @@ public class VerifyXMLSignatureResponseBuilder {
 		ResponseBuilderUtils.addCodeInfoElement(responseDoc, responseElem, "CertificateCheck",
 				response.getCertificateCheck().getCode(), response.getCertificateCheck().getInfo());
 
-		try {
-			if (ConfigurationProvider.getInstance().getAdesFormResults() && response.getAdESFormResults() != null) {
+		if (response.getAdESFormResults() != null) {
 
-				Iterator formIterator = response.getAdESFormResults().iterator();
+			Iterator formIterator = response.getAdESFormResults().iterator();
 
-				while (formIterator.hasNext()) {
-					AdESFormResults adESFormResult = (AdESFormResults) formIterator.next();
-					// add the CertificateCheck
-					ResponseBuilderUtils.addFormCheckElement(responseDoc, responseElem, "FormCheckResult",
-							adESFormResult.getCode().intValue(), adESFormResult.getName());
+			while (formIterator.hasNext()) {
+				AdESFormResults adESFormResult = (AdESFormResults) formIterator.next();
+				// add the CertificateCheck
+				ResponseBuilderUtils.addFormCheckElement(responseDoc, responseElem, "FormCheckResult",
+						adESFormResult.getCode().intValue(), adESFormResult.getName());
 
-				}
 			}
-		} catch (ConfigurationException e) {
-			Logger.warn("Failed to access configuration to determine if we should return AdES Form Results");
 		}
-
 		return responseDoc;
 	}
 
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureRequest.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureRequest.java
index a6272d5..c4a0fd1 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureRequest.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/api/xmlverify/VerifyXMLSignatureRequest.java
@@ -76,4 +76,12 @@ public interface VerifyXMLSignatureRequest {
    * @return The id of the trusted certificates.
    */
   public String getTrustProfileId();
+  
+  /**
+   * Should perform extended validation
+   * 
+   * @return <code>true</code>, if signed data will be returned,
+   * otherwise <code>false</code>.
+   */
+  public boolean getExtendedValidaiton();
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/CRLDistributionPoint.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/CRLDistributionPoint.java
index bb2589a..b2389a4 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/CRLDistributionPoint.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/CRLDistributionPoint.java
@@ -31,10 +31,9 @@ import java.util.HashMap;
 import java.util.Map;
 import java.util.StringTokenizer;
 
-import at.gv.egovernment.moa.logging.LogMsg;
-import at.gv.egovernment.moa.logging.Logger;
-
 import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moaspss.logging.LogMsg;
+import at.gv.egovernment.moaspss.logging.Logger;
 
 /**
  * A class representing a CRL distribution point.
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
index 6bc6f0b..3c7bf6a 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
@@ -31,6 +31,7 @@ import iaik.pki.revocation.RevocationSourceTypes;
 import iaik.server.modules.xml.BlackListEntry;
 import iaik.server.modules.xml.ExternalReferenceChecker;
 import iaik.server.modules.xml.WhiteListEntry;
+import iaik.util.logging.Log;
 import iaik.utils.RFC2253NameParser;
 import iaik.utils.RFC2253NameParserException;
 import iaik.xml.crypto.utils.URI;
@@ -62,16 +63,16 @@ import org.w3c.dom.Element;
 import org.w3c.dom.traversal.NodeIterator;
 import org.xml.sax.SAXException;
 
-import at.gv.egovernment.moa.logging.LogMsg;
-import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.spss.api.common.TSLConfiguration;
 import at.gv.egovernment.moa.spss.api.impl.TSLConfigurationImpl;
 import at.gv.egovernment.moa.spss.util.MessageProvider;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-import at.gv.egovernment.moa.util.StringUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
+import at.gv.egovernment.moaspss.logging.LogMsg;
+import at.gv.egovernment.moaspss.logging.Logger;
+import at.gv.egovernment.moaspss.util.Constants;
+import at.gv.egovernment.moaspss.util.DOMUtils;
+import at.gv.egovernment.moaspss.util.FileUtils;
+import at.gv.egovernment.moaspss.util.StringUtils;
+import at.gv.egovernment.moaspss.util.XPathUtils;
 
 /**
  * A class that builds configuration data from a DOM based representation.
@@ -259,6 +260,16 @@ public class ConfigurationPartsBuilder {
 	    ROOT + CONF + "SignatureVerification/" 
 	    + CONF + "PermitFileURIs";
   
+  private static final String CONNECTION_TIMEOUT_XPATH_ =
+		    ROOT + CONF + "SignatureVerification/" 
+		    + CONF + "CertificateValidation/"
+		    + CONF + "ConnectionTimeout";
+		    
+  private static final String READ_TIMEOUT_XPATH_ =
+    ROOT + CONF + "SignatureVerification/" 
+    + CONF + "CertificateValidation/"
+    + CONF + "ReadTimeout";
+  
   private static final String TSL_CONFIGURATION_XPATH = 
 	  ROOT + CONF + "SignatureVerification/"
 	  + CONF + "CertificateValidation/" 
@@ -408,6 +419,51 @@ public class ConfigurationPartsBuilder {
     return pdfasConfiguration;
   }
   
+  /**
+   * Returns the digest method algorithm name.
+   * 
+   * @return The digest method algorithm name from the configuration.
+   */
+  public int getConnectionTimeout() 
+  {
+    String connectionTimeout = getElementValue(getConfigElem(), CONNECTION_TIMEOUT_XPATH_, "30");
+    int defaultConnectionTimeout = 30;
+    
+    if(connectionTimeout != null) {
+    	try {
+    		defaultConnectionTimeout = Integer.parseInt(connectionTimeout);
+    	} catch(NumberFormatException e) {
+    		Log.warn("Configuration value " + CONNECTION_TIMEOUT_XPATH_ + " should be a number defaulting to 30");
+    	}
+    }
+    
+    if(defaultConnectionTimeout < 0) {
+    	defaultConnectionTimeout = 30;
+    }
+    
+    return defaultConnectionTimeout;
+  }
+  
+  public int getReadTimeout() 
+  {
+    String connectionTimeout = getElementValue(getConfigElem(), READ_TIMEOUT_XPATH_, "30");
+    int defaultConnectionTimeout = 30;
+    
+    if(connectionTimeout != null) {
+    	try {
+    		defaultConnectionTimeout = Integer.parseInt(connectionTimeout);
+    	} catch(NumberFormatException e) {
+    		Log.warn("Configuration value " + READ_TIMEOUT_XPATH_ + " should be a number defaulting to 30");
+    	}
+    }
+    
+    if(defaultConnectionTimeout < 0) {
+    	defaultConnectionTimeout = 30;
+    }
+    
+    return defaultConnectionTimeout;
+  }
+  
   public boolean getAdesFormResult()
   {
 	  String enableArchiving = getElementValue(getConfigElem(), FORMRESULT_CONFIGURATION_XPATH, null);
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
index 578f2fd..d777d8f 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.java
@@ -46,11 +46,11 @@ import java.util.Set;
 
 import org.w3c.dom.Element;
 
-import at.gv.egovernment.moa.logging.LogMsg;
-import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.spss.api.common.TSLConfiguration;
 import at.gv.egovernment.moa.spss.util.MessageProvider;
-import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moaspss.logging.LogMsg;
+import at.gv.egovernment.moaspss.logging.Logger;
+import at.gv.egovernment.moaspss.util.DOMUtils;
 
 /**
  * A class providing access to the MOA configuration data.
@@ -107,6 +107,9 @@ public class ConfigurationProvider
   /** PDF AS Configuration */
   private String pdfAsConfiguration;
   
+  private int connectionTimeout;
+  private int readTimeout;
+  
   /** 
    * A <code>List</code> of <code>HardwareCryptoModule</code> objects for 
    * configuring hardware modules.
@@ -376,6 +379,8 @@ public class ConfigurationProvider
       keyGroupMappings =
         builder.buildKeyGroupMappings(keyGroups, ANONYMOUS_ISSUER_SERIAL);
       
+      connectionTimeout = builder.getConnectionTimeout();
+      readTimeout = builder.getReadTimeout();
       pdfAsConfiguration = builder.getPDFASConfiguration();
       adesFormResults = builder.getAdesFormResult();
       xadesVersion = builder.getXAdESVersion();
@@ -553,8 +558,16 @@ public class ConfigurationProvider
   }
   
   public String getPDFASConfiguration() {
-	    return pdfAsConfiguration;
-	  }
+	return pdfAsConfiguration;
+  }
+  
+  public int getConnectionTimeout() {
+	  return this.connectionTimeout;
+  }
+  
+  public int getReadTimeout() {
+	  return this.readTimeout;
+  }
  
   public boolean getAdesFormResults() {
 	  return this.adesFormResults;
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java
index 49e5ecc..2dc047a 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmssign/CMSSignatureCreationProfileImpl.java
@@ -35,10 +35,10 @@ import iaik.server.modules.keys.UnknownKeyException;
 import java.util.List;
 import java.util.Set;
 
-import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.spss.server.logging.TransactionId;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moaspss.logging.Logger;
 
 /**
  * An object providing auxiliary information for creating a CMS signature.
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/PDFSignatureVerificationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/PDFSignatureVerificationProfileImpl.java
index 9189597..785c85b 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/PDFSignatureVerificationProfileImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/cmsverify/PDFSignatureVerificationProfileImpl.java
@@ -1,6 +1,6 @@
 package at.gv.egovernment.moa.spss.server.iaik.cmsverify;
 
-import iaik.server.modules.cmsverify.PDFSignatureVerificationProfile;
+import iaik.server.modules.pdfverify.PDFSignatureVerificationProfile;
 
 public class PDFSignatureVerificationProfileImpl extends CMSSignatureVerificationProfileImpl
 		implements PDFSignatureVerificationProfile {
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java
index 304a7d3..d752a63 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java
@@ -33,11 +33,12 @@ import iaik.pki.ldap.Handler;
 import java.io.InputStream;
 import java.net.MalformedURLException;
 import java.net.URL;
+import java.net.URLConnection;
 import java.net.URLStreamHandler;
 import java.util.Collection;
 import java.util.Date;
 
-import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moaspss.logging.Logger;
 
 /**
  * A customized implementation of
@@ -51,6 +52,11 @@ import at.gv.egovernment.moa.logging.Logger;
  * @version $$
  */
 public class CRLRetriever implements RevocationInfoRetriever {
+	
+	private int connectTimeout = 5;
+	private int readTimeout = 5;
+	
+	
 	public void update(RevocationSource source, Collection supplementalRequestData, TransactionId tid)
 			throws RevocationStoreException {
 		if (source == null) {
@@ -70,8 +76,10 @@ public class CRLRetriever implements RevocationInfoRetriever {
 				URLStreamHandler handler = new Handler();
 				crlUrl = new URL(null, source.getUri(), handler);
 			}
-
-			InputStream crlInputStream = crlUrl.openStream();
+			URLConnection con = crlUrl.openConnection();
+			con.setConnectTimeout(connectTimeout);
+			con.setReadTimeout(readTimeout);
+			InputStream crlInputStream = con.getInputStream();
 			source.readFrom(crlInputStream, tid);
 			source.setDownloadTime(new Date());
 			crlInputStream.close();
@@ -83,11 +91,11 @@ public class CRLRetriever implements RevocationInfoRetriever {
 
 	@Override
 	public void setConnectTimeout(int arg0) {
-		// TODO AFITZEK IMPLEMENT THIS METHOD
+		this.connectTimeout = arg0;
 	}
 
 	@Override
 	public void setReadTimeout(int arg0) {
-		// TODO AFITZEK IMPLEMENT THIS METHOD
+		this.readTimeout = arg0;
 	}
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
index ef9ddeb..c49004b 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
@@ -43,8 +43,6 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
-import at.gv.egovernment.moa.logging.LogMsg;
-import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
 import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
 import at.gv.egovernment.moa.spss.server.config.KeyGroup;
@@ -53,6 +51,8 @@ import at.gv.egovernment.moa.spss.server.logging.TransactionId;
 import at.gv.egovernment.moa.spss.util.CertStoreConverter;
 import at.gv.egovernment.moa.spss.util.MessageProvider;
 import at.gv.egovernment.moa.spss.util.SecProviderUtils;
+import at.gv.egovernment.moaspss.logging.LogMsg;
+import at.gv.egovernment.moaspss.logging.Logger;
 
 /**
  * A class responsible for configuring the IAIK MOA modules.
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java
index 3fb842f..317fcca 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/LoggerConfigImpl.java
@@ -26,11 +26,10 @@ package at.gv.egovernment.moa.spss.server.iaik.config;
 
 import java.util.Properties;
 
+import at.gv.egovernment.moaspss.logging.LoggingContextManager;
 import iaik.logging.LogConfigurationException;
 import iaik.logging.LoggerConfig;
 
-import at.gv.egovernment.moa.logging.LoggingContextManager;
-
 /**
  * Default implementation of the <code>LoggerConfig</code> interface.
  * 
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java
index fe0de1f..6341609 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/PKIConfigurationImpl.java
@@ -47,6 +47,8 @@ public class PKIConfigurationImpl implements PKIConfiguration {
 	private ArchiveConfiguration archiveConfiguration;
 	/** The certificate validation configuration. */
 	private ValidationConfiguration validationConfiguration;
+	private int connectionTimeout;
+	private int readTimeout;
 
 	/**
 	 * Create a new <code>PKIConfigurationImpl</code>.
@@ -68,6 +70,8 @@ public class PKIConfigurationImpl implements PKIConfiguration {
 		}
 
 		this.validationConfiguration = new ValidationConfigurationImpl(config);
+		this.connectionTimeout = config.getConnectionTimeout();
+		this.readTimeout = config.getReadTimeout();
 	}
 
 	/**
@@ -100,14 +104,12 @@ public class PKIConfigurationImpl implements PKIConfiguration {
 
 	@Override
 	public int getConnectTimeout() {
-		// TODO AFITZEK IMPLEMENT THIS METHOD
-		return 0;
+		return this.connectionTimeout;
 	}
 
 	@Override
 	public int getReadTimeout() {
-		// TODO AFITZEK IMPLEMENT THIS METHOD
-		return 0;
+		return this.readTimeout;
 	}
 
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
index a09a701..5df84c9 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/RevocationConfigurationImpl.java
@@ -27,6 +27,7 @@ import iaik.pki.revocation.RevocationConfiguration;
 import iaik.pki.revocation.dbcrl.config.DBCrlConfig;
 
 import java.security.cert.X509Certificate;
+import java.util.Collections;
 import java.util.Date;
 import java.util.Map;
 import java.util.Set;
@@ -100,7 +101,7 @@ public class RevocationConfigurationImpl extends AbstractObservableConfiguration
 	@Override
 	public Set getPositiveOCSPResponders() {
 		// TODO AFITZEK IMPLEMENT THIS METHOD
-		return null;
+		return Collections.EMPTY_SET;
 	}
 
 	@Override
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java
index 937f32f..1aed76e 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/config/SoftwareKeyModuleConfigurationImpl.java
@@ -30,12 +30,10 @@ import java.io.InputStream;
 
 import iaik.server.modules.keys.ConfigurationException;
 import iaik.server.modules.keys.SoftwareKeyModuleConfiguration;
-
-import at.gv.egovernment.moa.logging.LogMsg;
-import at.gv.egovernment.moa.logging.Logger;
-
 import at.gv.egovernment.moa.spss.server.config.SoftwareKeyModule;
 import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moaspss.logging.LogMsg;
+import at.gv.egovernment.moaspss.logging.Logger;
 
 /**
  * An implementation of the <code>SoftwareKeyModuleConfiguration</code> wrapping
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java
index 1c5d26a..9e6ed6d 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xml/XSLTTransformationImpl.java
@@ -39,12 +39,16 @@ import org.w3c.dom.Element;
 import org.w3c.dom.NodeList;
 
 import at.gv.egovernment.moa.spss.util.NodeListToNodeSetDataAdapter;
-import at.gv.egovernment.moa.util.NodeListAdapter;
-import at.gv.egovernment.moa.util.StreamUtils;
-import at.gv.egovernment.moa.util.XPathException;
-import at.gv.egovernment.moa.util.XPathUtils;
+import at.gv.egovernment.moaspss.util.NodeListAdapter;
+import at.gv.egovernment.moaspss.util.StreamUtils;
+import at.gv.egovernment.moaspss.util.XPathException;
+import at.gv.egovernment.moaspss.util.XPathUtils;
+import iaik.server.modules.xml.MOAXSecProvider;
 import iaik.server.modules.xml.XSLTTransformation;
 import iaik.xml.crypto.dsig.XMLSignatureFactory;
+import iaik.xml.filter.impl.dsig.CanonInputStream;
+import iaik.xml.filter.impl.dsig.Canonicalizer;
+import iaik.xml.filter.impl.dsig.Traverser;
 
 /**
  * A <code>Transformation</code> containing an XSLT transformation.
@@ -195,12 +199,18 @@ public class XSLTTransformationImpl extends TransformationImpl implements XSLTTr
    */
   private static InputStream canonicalize(Element element)
     throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, IOException, TransformException {
-	  CanonicalizationMethod canonicalizationMethod = XMLSignatureFactory.getInstance().newCanonicalizationMethod(
-			  CanonicalizationMethod.EXCLUSIVE, new ExcC14NParameterSpec());
+	 // CanonicalizationMethod canonicalizationMethod = 
+		//	  MOAXSecProvider.getXMLSignatureFactory().newCanonicalizationMethod(
+		//	  CanonicalizationMethod.EXCLUSIVE, new ExcC14NParameterSpec());
 	  
     //CanonicalizationAlgorithm c14n =
      // new CanonicalizationAlgorithmImplExclusiveCanonicalXML();
-    NodeList nodeList;
+	Traverser traverser = new Traverser(element, true, true); 
+	Canonicalizer canonicalizer = new Canonicalizer(traverser, false, true, null); 
+	
+	return new CanonInputStream(canonicalizer); 
+	/*
+	NodeList nodeList;
   
     try {
       nodeList = XPathUtils.selectNodeList(element, XPathUtils.ALL_NODES_XPATH);
@@ -211,7 +221,7 @@ public class XSLTTransformationImpl extends TransformationImpl implements XSLTTr
     ByteArrayOutputStream baos = new ByteArrayOutputStream();
     canonicalizationMethod.transform(new NodeListToNodeSetDataAdapter(nodeList), null, baos);
     baos.close();
-    return new ByteArrayInputStream(baos.toByteArray());
+    return new ByteArrayInputStream(baos.toByteArray());*/
   }
 
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java
index 7d0c5a0..9d6e3d2 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.java
@@ -37,11 +37,11 @@ import iaik.server.modules.xmlsign.XMLSignatureInsertionLocation;
 import java.util.List;
 import java.util.Set;
 
-import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.spss.server.logging.TransactionId;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
 import at.gv.egovernment.moa.spss.server.util.IdGenerator;
+import at.gv.egovernment.moaspss.logging.Logger;
 
 /**
  * An object providing auxiliary information for creating an XML signature.
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
index 37569c5..094e446 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/init/SystemInitializer.java
@@ -36,25 +36,28 @@ import java.util.Timer;
 
 import org.slf4j.LoggerFactory;
 
-import at.gv.egovernment.moa.logging.LogMsg;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.logging.LoggingContext;
-import at.gv.egovernment.moa.logging.LoggingContextManager;
 import at.gv.egovernment.moa.spss.MOAException;
 import at.gv.egovernment.moa.spss.api.common.TSLConfiguration;
 import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
 import at.gv.egovernment.moa.spss.server.iaik.config.IaikConfigurator;
 import at.gv.egovernment.moa.spss.server.service.RevocationArchiveCleaner;
+import at.gv.egovernment.moa.spss.tsl.connector.MOATSLVerifier;
 import at.gv.egovernment.moa.spss.tsl.connector.TSLConnector;
 import at.gv.egovernment.moa.spss.tsl.timer.TSLUpdaterTimerTask;
 import at.gv.egovernment.moa.spss.util.MessageProvider;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moaspss.logging.LogMsg;
+import at.gv.egovernment.moaspss.logging.Logger;
+import at.gv.egovernment.moaspss.logging.LoggingContext;
+import at.gv.egovernment.moaspss.logging.LoggingContextManager;
+import at.gv.egovernment.moaspss.util.Constants;
+import at.gv.egovernment.moaspss.util.DOMUtils;
 import iaik.pki.store.certstore.CertStoreException;
 import iaik.pki.store.truststore.TrustStoreException;
 import iaik.server.ConfigurationData;
+import iaik.xml.crypto.tsl.SecuredSAXParserFactoryImpl;
 import iaik.xml.crypto.tsl.ex.TSLEngineDiedException;
 import iaik.xml.crypto.tsl.ex.TSLSearchException;
+import iaik.xml.crypto.tsl.verify.ITSLVerifierFactory;
 
 /**
  * MOA SP/SS web service initialization.
@@ -93,8 +96,8 @@ public class SystemInitializer {
 	  logger.info("##############################################################################");
 	  logger.info("##############################################################################");
 	  logger.info("###                                                                        ###");
-	  logger.info("###                          LOADING MOA-SIG                               ###");
-	  logger.info("###                          ===============                               ###");
+	  logger.info("###                          LOADING MOA-SPSS                              ###");
+	  logger.info("###                          ================                              ###");
 	  logger.info("###                                                                        ###");
 	  logger.info("##############################################################################");
 	  logger.info("##############################################################################");
@@ -153,7 +156,11 @@ public class SystemInitializer {
       TSLConnector tslconnector = new TSLConnector();
       if (tslconfig != null) {
     	  //Logger.info(new LogMsg(msg.getMessage("init.01", null)));
+    	  SecuredSAXParserFactoryImpl.newInstance();
     	  Logger.info(new LogMsg(msg.getMessage("config.41", null)));
+    	  
+    	  ITSLVerifierFactory.setITSLVerifier(new MOATSLVerifier());
+    	  
     	  tslconnector.initialize(tslconfig.getEuTSLUrl(), tslconfig.getWorkingDirectory(), null, null);
   		  
       }
@@ -188,6 +195,11 @@ public class SystemInitializer {
     	Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
     } catch (CertificateException e) {
     	Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
+	} catch (Throwable e) {
+    	Logger.fatal(new LogMsg(msg.getMessage("init.00", null)), e);
+    	throw e;
+	} finally {
+		logger.info("Configuration initialized");
 	}
 
     
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java
index df04434..8e9380e 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureCreationInvoker.java
@@ -52,8 +52,6 @@ import java.util.Set;
 
 import org.apache.commons.io.IOUtils;
 
-import at.gv.egovernment.moa.logging.LogMsg;
-import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.MOAException;
 import at.gv.egovernment.moa.spss.MOASystemException;
@@ -75,7 +73,9 @@ import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
 import at.gv.egovernment.moa.spss.util.FilteredOutputStream;
 import at.gv.egovernment.moa.spss.util.MessageProvider;
-import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moaspss.logging.LogMsg;
+import at.gv.egovernment.moaspss.logging.Logger;
+import at.gv.egovernment.moaspss.util.Constants;
 
 /**
  * A class providing an API based interface to the
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
index 905254e..906abbe 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvoker.java
@@ -21,7 +21,6 @@
  * that you distribute must include a readable copy of the "NOTICE" text file.
  */
 
-
 package at.gv.egovernment.moa.spss.server.invoke;
 
 import iaik.server.modules.AdESFormVerificationResult;
@@ -34,6 +33,11 @@ import iaik.server.modules.cmsverify.CMSSignatureVerificationModuleFactory;
 import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
 import iaik.server.modules.cmsverify.CMSSignatureVerificationResult;
 import iaik.server.modules.cmsverify.ExtendedCMSSignatureVerificationResult;
+import iaik.server.modules.pdfverify.PDFSignatureVerificationProfile;
+import iaik.server.modules.pdfverify.PDFSignatureVerificationResult;
+import iaik.util.logging.Log;
+import iaik.server.modules.pdfverify.ExtendedPDFSignatureVerificationResult;
+import iaik.server.modules.pdfverify.PDFSignatureVerificationModule;
 import iaik.x509.X509Certificate;
 
 import java.io.ByteArrayInputStream;
@@ -50,10 +54,8 @@ import java.util.List;
 import org.apache.commons.codec.binary.Hex;
 import org.apache.commons.io.HexDump;
 import org.apache.commons.io.IOUtils;
+import org.slf4j.LoggerFactory;
 
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.logging.LoggingContext;
-import at.gv.egovernment.moa.logging.LoggingContextManager;
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.MOAException;
 import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
@@ -70,14 +72,17 @@ import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
 import at.gv.egovernment.moa.spss.util.CertificateUtils;
 import at.gv.egovernment.moa.spss.util.QCSSCDResult;
+import at.gv.egovernment.moaspss.logging.Logger;
+import at.gv.egovernment.moaspss.logging.LoggingContext;
+import at.gv.egovernment.moaspss.logging.LoggingContextManager;
 
 /**
  * A class providing an interface to the
  * <code>CMSSignatureVerificationModule</code>.
  * 
- * This class performs the invocation of the 
+ * This class performs the invocation of the
  * <code>iaik.server.modules.cmsverify.CMSSignatureVerificationModule</code>
- * from a <code>VerifyCMSSignatureRequest</code>. The result of the invocation 
+ * from a <code>VerifyCMSSignatureRequest</code>. The result of the invocation
  * is integrated into a <code>VerifyCMSSignatureResponse</code> returned.
  * 
  * @author Patrick Peck
@@ -85,338 +90,414 @@ import at.gv.egovernment.moa.spss.util.QCSSCDResult;
  */
 public class CMSSignatureVerificationInvoker {
 
-  /** The single instance of this class. */
-  private static CMSSignatureVerificationInvoker instance = null;
-
-  /**
-   * Return the only instance of this class.
-   * 
-   * @return The only instance of this class.
-   */
-  public static synchronized CMSSignatureVerificationInvoker getInstance() {
-    if (instance == null) {
-      instance = new CMSSignatureVerificationInvoker();
-    }
-    return instance;
-  }
-
-  /**
-   * Create a new <code>CMSSignatureVerificationInvoker</code>.
-   * 
-   * Protected to disallow multiple instances.
-   */
-  protected CMSSignatureVerificationInvoker() {
-  }
-
-  /**
-   * Verify a CMS signature.
-   * 
-   * @param request The <code>VerifyCMSSignatureRequest</code> containing the
-   * CMS signature, as well as additional data needed for verification.
-   * @return Element A <code>VerifyCMSSignatureResponse</code> containing the
-   * answer to the <code>VerifyCMSSignatureRequest</code>.
-   * @throws MOAException An error occurred while processing the request.
-   */
-  public VerifyCMSSignatureResponse verifyCMSSignature(VerifyCMSSignatureRequest request)
-    throws MOAException {
-	  
-    CMSSignatureVerificationProfileFactory profileFactory =
-      new CMSSignatureVerificationProfileFactory(request);
-    VerifyCMSSignatureResponseBuilder responseBuilder =
-      new VerifyCMSSignatureResponseBuilder();
-    TransactionContext context =
-      TransactionContextManager.getInstance().getTransactionContext();
-    LoggingContext loggingCtx =
-      LoggingContextManager.getInstance().getLoggingContext();
-    InputStream signature;
-    InputStream signedContent = null;
-    CMSSignatureVerificationProfile profile;
-    Date signingTime;
-    List results;
-    ExtendedCMSSignatureVerificationResult result;
-    int[] signatories;
-    InputStream input;
-    byte[] buf = new byte[2048];
-
-    // get the signature
-    signature = request.getCMSSignature();
-    
- // get the actual trustprofile
-    TrustProfile trustProfile = context.getConfiguration().getTrustProfile(request.getTrustProfileId());
-    
-    try {
-      // get the signed content
-      signedContent = getSignedContent(request);
-      
-      // build the profile
-      if(request.isPDF()) {
-    	  profile = profileFactory.createPDFProfile();
-      } else {
-    	  profile = profileFactory.createProfile();
-      }
-
-      // get the signing time
-      signingTime = request.getDateTime();
-
-      // verify the signature
-      CMSSignatureVerificationModule module =
-        CMSSignatureVerificationModuleFactory.getInstance();
-
-      module.setLog(new IaikLog(loggingCtx.getNodeID()));
-      
-      module.init(
-        signature,
-        signedContent,
-        profile,
-        new TransactionId(context.getTransactionID()));
-      input = module.getInputStream();
-
-      while (input.read(buf) > 0);
-      //results = module.verifyCAdESSignature(signingTime);
-      results = module.verifySignature(signingTime);
-      
-    } catch (IAIKException e) {
-      MOAException moaException = IaikExceptionMapper.getInstance().map(e);
-      throw moaException;
-    } catch (IAIKRuntimeException e) {
-      MOAException moaException = IaikExceptionMapper.getInstance().map(e);
-      throw moaException;
-    } catch (IOException e) {
-      throw new MOAApplicationException("2244", null, e);
-    } catch (MOAException e)
-    {
-      throw e;
-    }
-    finally
-    {
-      try
-      {
-        if (signedContent != null) signedContent.close();
-      }
-      catch (Throwable t)
-      {
-        // Intentionally do nothing here
-      }
-    }
-
-    QCSSCDResult qcsscdresult = new QCSSCDResult();
-    
-    // build the response: for each signatory add the result to the response
-    signatories = request.getSignatories();
-    if (signatories == VerifyCMSSignatureRequest.ALL_SIGNATORIES) {
-      Iterator resultIter;
-
-      for (resultIter = results.iterator(); resultIter.hasNext();) {
-    	  Object resultObject = resultIter.next();
-    	  CMSSignatureVerificationResult cmsResult = null;
-    	  List adesResults = null;
-    	  if(resultObject instanceof ExtendedCMSSignatureVerificationResult) {
-    		  result = (ExtendedCMSSignatureVerificationResult) resultObject;
-
-    		  adesResults = getAdESResult(result.getFormVerificationResult());
-
-    			if (adesResults != null) {
-    				Iterator adesIterator = adesResults.iterator();
-    				while (adesIterator.hasNext()) {
-    					Logger.info("ADES Formresults: " + adesIterator.next().toString());
-    				}
-    			}
-    	  } else {
-    		  cmsResult = (CMSSignatureVerificationResult)resultObject;
-    	  }
-    	  
-        
-        String issuerCountryCode = null;
-        // QC/SSCD check
-        
-        List list = cmsResult.getCertificateValidationResult().getCertificateChain();
-        if (list != null) {
-            X509Certificate[] chain = new X509Certificate[list.size()];
-            
-            Iterator it = list.iterator();
-            int i = 0;
-            while(it.hasNext()) {
-            	chain[i] = (X509Certificate)it.next();
-            	i++;
-            }
-            
-            
-            qcsscdresult = CertificateUtils.checkQCSSCD(chain, trustProfile.isTSLEnabled());
-
-            // get signer certificate issuer country code
-            issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate)list.get(0));
-
-        }
-        
-        responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults);
-      }
-    } else {
-      int i;
-
-      for (i = 0; i < signatories.length; i++) {
-        int sigIndex = signatories[i] - 1;
-
-        try {
-          result =
-            (ExtendedCMSSignatureVerificationResult) results.get(signatories[i] - 1);
-          
-          String issuerCountryCode = null;
-          
-          CMSSignatureVerificationResult cmsResult = result.getCMSSignatureVerificationResult();
-          
-          List adesResults = getAdESResult(result.getFormVerificationResult());
-
-  		if (adesResults != null) {
-  			Iterator adesIterator = adesResults.iterator();
-  			while (adesIterator.hasNext()) {
-  				Logger.info("ADES Formresults: " + adesIterator.next().toString());
-  			}
-  		}
-          
-          // QC/SSCD check
-          List list = cmsResult.getCertificateValidationResult().getCertificateChain();
-          if (list != null) {
-              X509Certificate[] chain = new X509Certificate[list.size()];
-              
-              Iterator it = list.iterator();
-              int j = 0;
-              while(it.hasNext()) {
-              	chain[j] = (X509Certificate)it.next();
-              	j++;
-              }
-              
-              
-              qcsscdresult = CertificateUtils.checkQCSSCD(chain, trustProfile.isTSLEnabled());
-              
-              issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate)list.get(0)); 
-          }
-            
-          responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults);
-        } catch (IndexOutOfBoundsException e) {
-          throw new MOAApplicationException(
-            "2249",
-            new Object[] { new Integer(sigIndex)});
-        }
-      }
-    }
-    
-    return responseBuilder.getResponse();
-  }
-
- 
-  /**
-   * Get the signed content contained either in the request itself or given as a
-   * reference to external data.
-   * 
-   * @param request The <code>VerifyCMSSignatureRequest</code> containing the
-   * signed content (or the reference to the signed content).
-   * @return InputStream A stream providing the signed content data, or
-   * <code>null</code> if no signed content was provided with the request.
-   * @throws MOAApplicationException An error occurred building the stream.
-   */
-  private InputStream getSignedContent(VerifyCMSSignatureRequest request)
-    throws MOAApplicationException {
-
-	  InputStream is = null;
-    CMSDataObject dataObj;
-    CMSContent content;
-
-    // select the Content element
-    dataObj = request.getDataObject();
-    if (dataObj == null) {
-      return null;
-    }
-    content = dataObj.getContent();
-    
-    // build the content data
-    switch (content.getContentType()) {
-      case CMSContent.EXPLICIT_CONTENT :
-        is = ((CMSContentExcplicit) content).getBinaryContent();
-        is = excludeByteRange(is, request);
-        return is;
-      case CMSContent.REFERENCE_CONTENT :
-        String reference = ((CMSContentReference) content).getReference();
-        if (!"".equals(reference)) {
-          ExternalURIResolver resolver = new ExternalURIResolver();
-          is = resolver.resolve(reference);
-          is = excludeByteRange(is, request);
-          return is;          
-        } else {
-          return null;
-        }
-      default :
-        return null;
-    }
-    
-
-
-  }
-  
-  private InputStream excludeByteRange(InputStream contentIs, VerifyCMSSignatureRequest request) throws MOAApplicationException {
-	  
-	  int byteRead;
-	  
-	  ByteArrayOutputStream contentOs = new ByteArrayOutputStream();
-	  
-	  CMSDataObject dataobject = request.getDataObject();
-	  BigDecimal from = dataobject.getExcludeByteRangeFrom();
-	  BigDecimal to = dataobject.getExcludeByteRangeTo();
-	  
-	  if ( (from == null) || (to == null))
-		  return contentIs;
-	  
-	  BigDecimal counter = new BigDecimal("0");
-	  BigDecimal one = new BigDecimal("1");
-	  
-	  try {
-		while ((byteRead=contentIs.read()) >= 0) {
-			
-			if (inRange(counter, dataobject)) {
-				  // if byte is in byte range, set byte to 0x00
-				  contentOs.write(0);
-			  }
-			  else
-				  contentOs.write(byteRead);
-			  
-			  counter = counter.add(one);				  
+	/** The single instance of this class. */
+	private static CMSSignatureVerificationInvoker instance = null;
+
+	/**
+	 * Return the only instance of this class.
+	 * 
+	 * @return The only instance of this class.
+	 */
+	public static synchronized CMSSignatureVerificationInvoker getInstance() {
+		if (instance == null) {
+			instance = new CMSSignatureVerificationInvoker();
+		}
+		return instance;
+	}
+
+	/**
+	 * Create a new <code>CMSSignatureVerificationInvoker</code>.
+	 * 
+	 * Protected to disallow multiple instances.
+	 */
+	protected CMSSignatureVerificationInvoker() {
+	}
+
+	/**
+	 * Verify a CMS signature.
+	 * 
+	 * @param request
+	 *            The <code>VerifyCMSSignatureRequest</code> containing the CMS
+	 *            signature, as well as additional data needed for verification.
+	 * @return Element A <code>VerifyCMSSignatureResponse</code> containing the
+	 *         answer to the <code>VerifyCMSSignatureRequest</code>.
+	 * @throws MOAException
+	 *             An error occurred while processing the request.
+	 */
+	public VerifyCMSSignatureResponse verifyCMSSignature(VerifyCMSSignatureRequest request) throws MOAException {
+
+		CMSSignatureVerificationProfileFactory profileFactory = new CMSSignatureVerificationProfileFactory(request);
+		VerifyCMSSignatureResponseBuilder responseBuilder = new VerifyCMSSignatureResponseBuilder();
+		TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+		LoggingContext loggingCtx = LoggingContextManager.getInstance().getLoggingContext();
+		InputStream signature;
+		InputStream signedContent = null;
+		Date signingTime;
+		List results;
+		int[] signatories;
+		InputStream input;
+		byte[] buf = new byte[2048];
+
+		// get the signature
+		signature = request.getCMSSignature();
+
+		// get the actual trustprofile
+		TrustProfile trustProfile = context.getConfiguration().getTrustProfile(request.getTrustProfileId());
+
+		try {
+			// get the signing time
+			signingTime = request.getDateTime();
+
+			// build the profile
+			if (request.isPDF()) {
+				PDFSignatureVerificationProfile profile = profileFactory.createPDFProfile();
+				Logger.info("Sending PDFSignatureVerificationProfile to IAIK-MOA");
+
+				PDFSignatureVerificationModule module = iaik.server.modules.pdfverify.PDFSignatureVerificationModuleFactory
+						.getInstance();
+
+				module.setLog(new IaikLog(loggingCtx.getNodeID()));
+
+				module.init(signature, profile, new TransactionId(context.getTransactionID()));
+
+				// input = module.getInputStream();
+
+				// while (input.read(buf) > 0);
+				if(request.isExtended()) {
+					results = module.verifyPAdESSignature(signingTime);
+				} else {
+					results = module.verifySignature(signingTime);
+				}
+
+			} else {
+				// get the signed content
+				signedContent = getSignedContent(request);
+				CMSSignatureVerificationProfile profile = profileFactory.createProfile();
+				Logger.info("Sending CMSSignatureVerificationProfile to IAIK-MOA");
+
+				// verify the signature
+				CMSSignatureVerificationModule module = CMSSignatureVerificationModuleFactory.getInstance();
+
+				module.setLog(new IaikLog(loggingCtx.getNodeID()));
+
+				module.init(signature, signedContent, profile, new TransactionId(context.getTransactionID()));
+				input = module.getInputStream();
+
+				while (input.read(buf) > 0)
+					;
+				
+				if(request.isExtended()) {
+					results = module.verifyCAdESSignature(signingTime);
+				} else {
+					results = module.verifySignature(signingTime);
+				}
+				// results = module.verifySignature(signingTime);
+			}
+
+		} catch (IAIKException e) {
+			MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+			throw moaException;
+		} catch (IAIKRuntimeException e) {
+			MOAException moaException = IaikExceptionMapper.getInstance().map(e);
+			throw moaException;
+		} catch (IOException e) {
+			throw new MOAApplicationException("2244", null, e);
+		} catch (MOAException e) {
+			throw e;
+		} finally {
+			try {
+				if (signedContent != null)
+					signedContent.close();
+			} catch (Throwable t) {
+				// Intentionally do nothing here
+			}
+		}
+
+		QCSSCDResult qcsscdresult = new QCSSCDResult();
+
+		// build the response: for each signatory add the result to the response
+		signatories = request.getSignatories();
+		if (signatories == VerifyCMSSignatureRequest.ALL_SIGNATORIES) {
+			Iterator resultIter;
+
+			for (resultIter = results.iterator(); resultIter.hasNext();) {
+				Object resultObject = resultIter.next();
+				if (!request.isPDF()) {
+					handleCMSResult(resultObject, responseBuilder, trustProfile);
+				} else {
+					handlePDFResult(resultObject, responseBuilder, trustProfile);
+				}
+			}
+		} else {
+			int i;
+
+			for (i = 0; i < signatories.length; i++) {
+				int sigIndex = signatories[i] - 1;
+
+				try {
+					Object resultObject = results.get(signatories[i] - 1);
+					if (!request.isPDF()) {
+						handleCMSResult(resultObject, responseBuilder, trustProfile);
+					} else {
+						handlePDFResult(resultObject, responseBuilder, trustProfile);
+					}
+				} catch (IndexOutOfBoundsException e) {
+					throw new MOAApplicationException("2249", new Object[] { new Integer(sigIndex) });
+				}
+			}
+		}
+
+		return responseBuilder.getResponse();
+	}
+
+	private void handleCMSResult(Object resultObject, VerifyCMSSignatureResponseBuilder responseBuilder,
+			TrustProfile trustProfile) throws MOAException {
+		QCSSCDResult qcsscdresult = new QCSSCDResult();
+
+		CMSSignatureVerificationResult cmsResult = null;
+		List adesResults = null;
+		if (resultObject instanceof ExtendedCMSSignatureVerificationResult) {
+			ExtendedCMSSignatureVerificationResult result = (ExtendedCMSSignatureVerificationResult) resultObject;
+
+			adesResults = getAdESResult(result.getFormVerificationResult());
+
+			if (adesResults != null) {
+				Iterator adesIterator = adesResults.iterator();
+				while (adesIterator.hasNext()) {
+					Logger.info("ADES Formresults: " + adesIterator.next().toString());
+				}
+			}
+		} else {
+			cmsResult = (CMSSignatureVerificationResult) resultObject;
+		}
+
+		String issuerCountryCode = null;
+		// QC/SSCD check
+
+		List list = cmsResult.getCertificateValidationResult().getCertificateChain();
+		if (list != null) {
+			X509Certificate[] chain = new X509Certificate[list.size()];
+
+			Iterator it = list.iterator();
+			int i = 0;
+			while (it.hasNext()) {
+				chain[i] = (X509Certificate) it.next();
+				i++;
+			}
+
+			qcsscdresult = CertificateUtils.checkQCSSCD(chain, trustProfile.isTSLEnabled());
+
+			// get signer certificate issuer country code
+			issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0));
+
 		}
-		
-		InputStream is = new ByteArrayInputStream(contentOs.toByteArray());
-		
-		return is;
-		
-		
-	} catch (IOException e) {
-		  throw new MOAApplicationException("2301", null, e);			  
+
+		responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(),
+				qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults);
 	}
-	  
-  }
-  
- 
-  private boolean inRange(BigDecimal counter, CMSDataObject dataobject) {
-	  BigDecimal from = dataobject.getExcludeByteRangeFrom();
-	  BigDecimal to = dataobject.getExcludeByteRangeTo();
-	  
-	  if ( (from == null) || (to == null))
-		  return false;
-	  
-	  int compare = counter.compareTo(from);
-	  if (compare == -1)
-		  return false;
-	  else {
-		  compare = counter.compareTo(to);
-		  if (compare == 1)
-			  return false;
-		  else
-			  return true;
-	  }
-				  
-	  
-	  
-  }
-
-  
-  private List getAdESResult(AdESFormVerificationResult adesFormVerification) {
+
+	private void handleCMSEXTResult(Object resultObject, VerifyCMSSignatureResponseBuilder responseBuilder,
+			TrustProfile trustProfile) throws MOAException {
+		QCSSCDResult qcsscdresult = new QCSSCDResult();
+
+		CMSSignatureVerificationResult cmsResult = null;
+		List adesResults = null;
+		if (resultObject instanceof ExtendedCMSSignatureVerificationResult) {
+			ExtendedCMSSignatureVerificationResult result = (ExtendedCMSSignatureVerificationResult) resultObject;
+
+			adesResults = getAdESResult(result.getFormVerificationResult());
+
+			if (adesResults != null) {
+				Iterator adesIterator = adesResults.iterator();
+				while (adesIterator.hasNext()) {
+					Logger.info("ADES Formresults: " + adesIterator.next().toString());
+				}
+			}
+			cmsResult = result.getCMSSignatureVerificationResult();
+		} else {
+			cmsResult = (CMSSignatureVerificationResult) resultObject;
+		}
+
+		String issuerCountryCode = null;
+		// QC/SSCD check
+
+		List list = cmsResult.getCertificateValidationResult().getCertificateChain();
+		if (list != null) {
+			X509Certificate[] chain = new X509Certificate[list.size()];
+
+			Iterator it = list.iterator();
+			int i = 0;
+			while (it.hasNext()) {
+				chain[i] = (X509Certificate) it.next();
+				i++;
+			}
+
+			qcsscdresult = CertificateUtils.checkQCSSCD(chain, trustProfile.isTSLEnabled());
+
+			// get signer certificate issuer country code
+			issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0));
+
+		}
+
+		responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(),
+				qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults);
+	}
+
+	private void handlePDFResult(Object resultObject, VerifyCMSSignatureResponseBuilder responseBuilder,
+			TrustProfile trustProfile) throws MOAException {
+		QCSSCDResult qcsscdresult = new QCSSCDResult();
+
+		PDFSignatureVerificationResult cmsResult = null;
+		List adesResults = null;
+		if (resultObject instanceof ExtendedPDFSignatureVerificationResult) {
+			ExtendedPDFSignatureVerificationResult result = (ExtendedPDFSignatureVerificationResult) resultObject;
+
+			adesResults = getAdESResult(result.getFormVerificationResult());
+
+			if (adesResults != null) {
+				Iterator adesIterator = adesResults.iterator();
+				while (adesIterator.hasNext()) {
+					Logger.info("ADES Formresults: " + adesIterator.next().toString());
+				}
+			}
+			cmsResult = result.getPDFSignatureVerificationResult();
+		} else {
+			cmsResult = (PDFSignatureVerificationResult) resultObject;
+		}
+
+		String issuerCountryCode = null;
+		// QC/SSCD check
+
+		List list = cmsResult.getCertificateValidationResult().getCertificateChain();
+		if (list != null) {
+			X509Certificate[] chain = new X509Certificate[list.size()];
+
+			Iterator it = list.iterator();
+			int i = 0;
+			while (it.hasNext()) {
+				chain[i] = (X509Certificate) it.next();
+				i++;
+			}
+
+			qcsscdresult = CertificateUtils.checkQCSSCD(chain, trustProfile.isTSLEnabled());
+
+			// get signer certificate issuer country code
+			issuerCountryCode = CertificateUtils.getIssuerCountry((X509Certificate) list.get(0));
+
+		}
+
+		responseBuilder.addResult(cmsResult, trustProfile, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(),
+				qcsscdresult.isSSCD(), qcsscdresult.isSSCDSourceTSL(), issuerCountryCode, adesResults);
+	}
+
+	/**
+	 * Get the signed content contained either in the request itself or given as
+	 * a reference to external data.
+	 * 
+	 * @param request
+	 *            The <code>VerifyCMSSignatureRequest</code> containing the
+	 *            signed content (or the reference to the signed content).
+	 * @return InputStream A stream providing the signed content data, or
+	 *         <code>null</code> if no signed content was provided with the
+	 *         request.
+	 * @throws MOAApplicationException
+	 *             An error occurred building the stream.
+	 */
+	private InputStream getSignedContent(VerifyCMSSignatureRequest request) throws MOAApplicationException {
+
+		InputStream is = null;
+		CMSDataObject dataObj;
+		CMSContent content;
+
+		// select the Content element
+		dataObj = request.getDataObject();
+		if (dataObj == null) {
+			return null;
+		}
+		content = dataObj.getContent();
+
+		// build the content data
+		switch (content.getContentType()) {
+		case CMSContent.EXPLICIT_CONTENT:
+			is = ((CMSContentExcplicit) content).getBinaryContent();
+			is = excludeByteRange(is, request);
+			return is;
+		case CMSContent.REFERENCE_CONTENT:
+			String reference = ((CMSContentReference) content).getReference();
+			if (!"".equals(reference)) {
+				ExternalURIResolver resolver = new ExternalURIResolver();
+				is = resolver.resolve(reference);
+				is = excludeByteRange(is, request);
+				return is;
+			} else {
+				return null;
+			}
+		default:
+			return null;
+		}
+
+	}
+
+	private InputStream excludeByteRange(InputStream contentIs, VerifyCMSSignatureRequest request)
+			throws MOAApplicationException {
+
+		int byteRead;
+
+		ByteArrayOutputStream contentOs = new ByteArrayOutputStream();
+
+		CMSDataObject dataobject = request.getDataObject();
+		BigDecimal from = dataobject.getExcludeByteRangeFrom();
+		BigDecimal to = dataobject.getExcludeByteRangeTo();
+
+		if ((from == null) || (to == null))
+			return contentIs;
+
+		BigDecimal counter = new BigDecimal("0");
+		BigDecimal one = new BigDecimal("1");
+
+		try {
+			while ((byteRead = contentIs.read()) >= 0) {
+
+				if (inRange(counter, dataobject)) {
+					// if byte is in byte range, set byte to 0x00
+					contentOs.write(0);
+				} else
+					contentOs.write(byteRead);
+
+				counter = counter.add(one);
+			}
+
+			InputStream is = new ByteArrayInputStream(contentOs.toByteArray());
+
+			return is;
+
+		} catch (IOException e) {
+			throw new MOAApplicationException("2301", null, e);
+		}
+
+	}
+
+	private boolean inRange(BigDecimal counter, CMSDataObject dataobject) {
+		BigDecimal from = dataobject.getExcludeByteRangeFrom();
+		BigDecimal to = dataobject.getExcludeByteRangeTo();
+
+		if ((from == null) || (to == null))
+			return false;
+
+		int compare = counter.compareTo(from);
+		if (compare == -1)
+			return false;
+		else {
+			compare = counter.compareTo(to);
+			if (compare == 1)
+				return false;
+			else
+				return true;
+		}
+
+	}
+
+	private List getAdESResult(AdESFormVerificationResult adesFormVerification) {
 		if (adesFormVerification == null) {
 			// no form information
 			return null;
@@ -451,5 +532,5 @@ public class CMSSignatureVerificationInvoker {
 			}
 		}
 	}
-  
+
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java
index 74b2a89..bd5db6d 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationProfileFactory.java
@@ -33,6 +33,7 @@ import at.gv.egovernment.moa.spss.server.iaik.pki.PKIProfileImpl;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
 import iaik.server.modules.cmsverify.CMSSignatureVerificationProfile;
+import iaik.server.modules.pdfverify.PDFSignatureVerificationProfile;
 
 /**
  * A factory to create a <code>CMSSignatureVerificationProfile</code> from a
@@ -65,7 +66,7 @@ public class CMSSignatureVerificationProfileFactory {
    * <code>request</code>, based on the current configuration.
    * @throws MOAException An error occurred creating the profile.
    */
-  public CMSSignatureVerificationProfile createPDFProfile()
+  public PDFSignatureVerificationProfile createPDFProfile()
     throws MOAException {
     TransactionContext context =
       TransactionContextManager.getInstance().getTransactionContext();
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java
index d775fdb..1eca7d2 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java
@@ -49,8 +49,6 @@ import org.w3c.dom.NodeList;
 import org.xml.sax.EntityResolver;
 import org.xml.sax.SAXException;
 
-import at.gv.egovernment.moa.logging.LogMsg;
-import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.MOASystemException;
 import at.gv.egovernment.moa.spss.api.common.Content;
@@ -70,13 +68,15 @@ import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
 import at.gv.egovernment.moa.spss.util.MOASPSSEntityResolver;
 import at.gv.egovernment.moa.spss.util.MessageProvider;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.EntityResolverChain;
-import at.gv.egovernment.moa.util.MOAErrorHandler;
-import at.gv.egovernment.moa.util.StreamEntityResolver;
-import at.gv.egovernment.moa.util.StreamUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
+import at.gv.egovernment.moaspss.logging.LogMsg;
+import at.gv.egovernment.moaspss.logging.Logger;
+import at.gv.egovernment.moaspss.util.Constants;
+import at.gv.egovernment.moaspss.util.DOMUtils;
+import at.gv.egovernment.moaspss.util.EntityResolverChain;
+import at.gv.egovernment.moaspss.util.MOAErrorHandler;
+import at.gv.egovernment.moaspss.util.StreamEntityResolver;
+import at.gv.egovernment.moaspss.util.StreamUtils;
+import at.gv.egovernment.moaspss.util.XPathUtils;
 import iaik.server.modules.xml.DataObject;
 import iaik.server.modules.xml.NodeListImplementation;
 import iaik.server.modules.xml.URIReferenceImpl;
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/InvokerUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/InvokerUtils.java
index 0bca8ae..0128e6a 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/InvokerUtils.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/InvokerUtils.java
@@ -28,11 +28,10 @@ import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
 
-import at.gv.egovernment.moa.util.XPathException;
-import at.gv.egovernment.moa.util.XPathUtils;
-
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.api.common.ElementSelector;
+import at.gv.egovernment.moaspss.util.XPathException;
+import at.gv.egovernment.moaspss.util.XPathUtils;
 
 /**
  * Utility methods for invoking the IAIK MOA modules.
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ServiceContextUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ServiceContextUtils.java
index 8f3c075..330ffdd 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ServiceContextUtils.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/ServiceContextUtils.java
@@ -24,13 +24,12 @@
 
 package at.gv.egovernment.moa.spss.server.invoke;
 
-import at.gv.egovernment.moa.logging.LoggingContext;
-import at.gv.egovernment.moa.logging.LoggingContextManager;
-
 import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
 import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moaspss.logging.LoggingContext;
+import at.gv.egovernment.moaspss.logging.LoggingContextManager;
 
 /**
  * A utility class for setting up and tearing down thread-local context 
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
index f32093a..3e18c2a 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyCMSSignatureResponseBuilder.java
@@ -25,7 +25,8 @@
 package at.gv.egovernment.moa.spss.server.invoke;
 
 import iaik.server.modules.cmsverify.CMSSignatureVerificationResult;
-import iaik.server.modules.cmsverify.CertificateValidationResult;
+import iaik.server.modules.pdfverify.PDFSignatureVerificationResult;
+import iaik.server.cmspdfverify.CertificateValidationResult;
 
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
@@ -123,6 +124,61 @@ public class VerifyCMSSignatureResponseBuilder {
     responseElements.add(responseElement);
   }
   
- 
+  /**
+   * Add a verification result to the response.
+   * 
+   * @param result The result to add.
+   * @param trustprofile The actual trustprofile
+   * @param checkQCFromTSL <code>true</code>, if the TSL check verifies the 
+   * 		certificate as qualified, otherwise <code>false</code>.
+   * @param checkSSCD <code>true</code>, if the TSL check verifies the 
+   * 		signature based on a SSDC, otherwise <code>false</code>.
+   * @param sscdSourceTSL <code>true</code>, if the SSCD information comes from the TSL, 
+   * 		otherwise <code>false</code>.
+ * @throws MOAException 
+   */
+  public void addResult(PDFSignatureVerificationResult result, TrustProfile trustProfile, boolean checkQC, boolean qcSourceTSL, boolean checkSSCD, boolean sscdSourceTSL, String issuerCountryCode, List adesResults)
+    throws MOAException {
+	  
+    CertificateValidationResult certResult =
+      result.getCertificateValidationResult();
+    int signatureCheckCode =
+      result.getSignatureValueVerificationCode().intValue();
+    int certificateCheckCode = certResult.getValidationResultCode().intValue();
+         
+    VerifyCMSSignatureResponseElement responseElement;
+    SignerInfo signerInfo;
+    CheckResult signatureCheck;
+    CheckResult certificateCheck;
+
+    boolean qualifiedCertificate = checkQC;
+    
+    // add SignerInfo element
+    signerInfo =
+      factory.createSignerInfo(
+        (X509Certificate) certResult.getCertificateChain().get(0),
+        qualifiedCertificate,
+        qcSourceTSL,
+        certResult.isPublicAuthorityCertificate(),
+        certResult.getPublicAuthorityID(),
+        checkSSCD,
+        sscdSourceTSL,
+        issuerCountryCode);
+
+    // add SignatureCheck element
+    signatureCheck = factory.createCheckResult(signatureCheckCode, null);
+
+    // add CertificateCheck element
+    certificateCheck = factory.createCheckResult(certificateCheckCode, null);
+    
+    // build the response element
+    responseElement =
+      factory.createVerifyCMSSignatureResponseElement(
+        signerInfo,
+        signatureCheck,
+        certificateCheck, 
+        adesResults);
+    responseElements.add(responseElement);
+  }
 
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java
index 7bcf723..a6e8971 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/VerifyXMLSignatureResponseBuilder.java
@@ -50,9 +50,9 @@ import at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResultInfo;
 import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult;
 import at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResultInfo;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.util.CollectionUtils;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.NodeListAdapter;
+import at.gv.egovernment.moaspss.util.CollectionUtils;
+import at.gv.egovernment.moaspss.util.DOMUtils;
+import at.gv.egovernment.moaspss.util.NodeListAdapter;
 import iaik.server.modules.xml.BinaryDataObject;
 import iaik.server.modules.xml.DataObject;
 import iaik.server.modules.xml.XMLDataObject;
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationInvoker.java
index 7debb7b..ecdd811 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationInvoker.java
@@ -46,9 +46,6 @@ import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
 
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.logging.LoggingContext;
-import at.gv.egovernment.moa.logging.LoggingContextManager;
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.MOAException;
 import at.gv.egovernment.moa.spss.MOASystemException;
@@ -69,8 +66,11 @@ import at.gv.egovernment.moa.spss.server.logging.TransactionId;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
 import at.gv.egovernment.moa.spss.server.util.IdGenerator;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.XPathUtils;
+import at.gv.egovernment.moaspss.logging.Logger;
+import at.gv.egovernment.moaspss.logging.LoggingContext;
+import at.gv.egovernment.moaspss.logging.LoggingContextManager;
+import at.gv.egovernment.moaspss.util.Constants;
+import at.gv.egovernment.moaspss.util.XPathUtils;
 
 /**
  * A class providing an API based interface to the
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationProfileFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationProfileFactory.java
index 6a85415..cb77ad1 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationProfileFactory.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationProfileFactory.java
@@ -44,8 +44,6 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
-import at.gv.egovernment.moa.logging.LogMsg;
-import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.MOASystemException;
 import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
@@ -67,7 +65,9 @@ import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
 import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
 import at.gv.egovernment.moa.spss.server.util.IdGenerator;
 import at.gv.egovernment.moa.spss.util.MessageProvider;
-import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moaspss.logging.LogMsg;
+import at.gv.egovernment.moaspss.logging.Logger;
+import at.gv.egovernment.moaspss.util.Constants;
 
 /**
  * A factory to create <code>XMLSignatureCreationProfile</code>s from a
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
index c09740c..a8c3ea0 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvoker.java
@@ -40,10 +40,6 @@ import java.util.Set;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 
-import at.gv.egovernment.moa.logging.LogMsg;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.logging.LoggingContext;
-import at.gv.egovernment.moa.logging.LoggingContextManager;
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.MOAException;
 import at.gv.egovernment.moa.spss.MOASystemException;
@@ -71,8 +67,12 @@ import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
 import at.gv.egovernment.moa.spss.util.CertificateUtils;
 import at.gv.egovernment.moa.spss.util.MessageProvider;
 import at.gv.egovernment.moa.spss.util.QCSSCDResult;
-import at.gv.egovernment.moa.util.CollectionUtils;
-import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moaspss.logging.LogMsg;
+import at.gv.egovernment.moaspss.logging.Logger;
+import at.gv.egovernment.moaspss.logging.LoggingContext;
+import at.gv.egovernment.moaspss.logging.LoggingContextManager;
+import at.gv.egovernment.moaspss.util.CollectionUtils;
+import at.gv.egovernment.moaspss.util.Constants;
 import iaik.server.modules.AdESFormVerificationResult;
 import iaik.server.modules.AdESVerificationResult;
 import iaik.server.modules.IAIKException;
@@ -162,7 +162,8 @@ public class XMLSignatureVerificationInvoker {
 		LoggingContext loggingCtx = LoggingContextManager.getInstance().getLoggingContext();
 		XMLSignatureVerificationProfileFactory profileFactory = new XMLSignatureVerificationProfileFactory(request);
 		VerifyXMLSignatureResponseBuilder responseBuilder = new VerifyXMLSignatureResponseBuilder();
-		ExtendedXMLSignatureVerificationResult result;
+		ExtendedXMLSignatureVerificationResult result = null;
+		XMLSignatureVerificationResult plainResult;
 		XMLSignatureVerificationProfile profile;
 		ReferencesCheckResult signatureManifestCheck;
 		DataObjectFactory dataObjFactory;
@@ -215,8 +216,14 @@ public class XMLSignatureVerificationInvoker {
 
 			module.setLog(new IaikLog(loggingCtx.getNodeID()));
 
-			result = module.verifyXAdESSignature(xmlSignature, dataObjectList, profile, signingTime,
+			if(request.getExtendedValidaiton()) {
+				result = module.verifyXAdESSignature(xmlSignature, dataObjectList, profile, signingTime,
 					new TransactionId(context.getTransactionID()));
+				plainResult = result.getXMLSignatureVerificationResult();
+			} else {
+				plainResult = module.verifySignature(xmlSignature, dataObjectList, profile, signingTime,
+						new TransactionId(context.getTransactionID()));
+			}
 		} catch (IAIKException e) {
 			MOAException moaException = IaikExceptionMapper.getInstance().map(e);
 			throw moaException;
@@ -225,19 +232,20 @@ public class XMLSignatureVerificationInvoker {
 			throw moaException;
 		}
 
-		List adesResults = getAdESResult(result.getFormVerificationResult());
+		if(result != null) {
+			List adesResults = getAdESResult(result.getFormVerificationResult());
 
-		if (adesResults != null) {
-			Iterator adesIterator = adesResults.iterator();
-			while (adesIterator.hasNext()) {
-				Logger.info("ADES Formresults: " + adesIterator.next().toString());
+			if (adesResults != null) {
+				Iterator adesIterator = adesResults.iterator();
+				while (adesIterator.hasNext()) {
+					Logger.info("ADES Formresults: " + adesIterator.next().toString());
+				}
 			}
-		}
-
-		responseBuilder.setAdESFormResults(adesResults);
 
+			responseBuilder.setAdESFormResults(adesResults);
+		}
 		// QC/SSCD check
-		List list = result.getXMLSignatureVerificationResult().getCertificateValidationResult().getCertificateChain();
+		List list = plainResult.getCertificateValidationResult().getCertificateChain();
 		if (list != null) {
 			X509Certificate[] chain = new X509Certificate[list.size()];
 
@@ -261,17 +269,17 @@ public class XMLSignatureVerificationInvoker {
 		}
 
 		// check the result
-		signatureManifestCheck = validateSignatureManifest(request, result.getXMLSignatureVerificationResult(),
+		signatureManifestCheck = validateSignatureManifest(request, plainResult,
 				profile);
 
 		// Check if signer certificate is in trust profile's allowed signer
 		// certificates pool
 		TrustProfile trustProfile = context.getConfiguration().getTrustProfile(request.getTrustProfileId());
-		CheckResult certificateCheck = validateSignerCertificate(result.getXMLSignatureVerificationResult(),
+		CheckResult certificateCheck = validateSignerCertificate(plainResult,
 				trustProfile);
 
 		// build the response
-		responseBuilder.setResult(result.getXMLSignatureVerificationResult(), profile, signatureManifestCheck,
+		responseBuilder.setResult(plainResult, profile, signatureManifestCheck,
 				certificateCheck, qcsscdresult.isQC(), qcsscdresult.isQCSourceTSL(), qcsscdresult.isSSCD(),
 				qcsscdresult.isSSCDSourceTSL(), tp.isTSLEnabled(), issuerCountryCode);
 		return responseBuilder.getResponse();
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogFactory.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogFactory.java
index 64810a8..cca9117 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogFactory.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/logging/IaikLogFactory.java
@@ -24,12 +24,11 @@
 
 package at.gv.egovernment.moa.spss.server.logging;
 
+import at.gv.egovernment.moaspss.logging.LoggingContextManager;
 import iaik.logging.Log;
 import iaik.logging.LogConfigurationException;
 import iaik.logging.LogFactory;
 
-import at.gv.egovernment.moa.logging.LoggingContextManager;
-
 /**
  * An implementation of the <code>iaik.logging.LogFactory</code> abstract
  * class to log messages to the MOA logging subsystem.
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/service/RevocationArchiveCleaner.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/service/RevocationArchiveCleaner.java
index f6d84c7..d3a930c 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/service/RevocationArchiveCleaner.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/service/RevocationArchiveCleaner.java
@@ -30,11 +30,11 @@ import iaik.pki.store.revocation.archive.ArchiveFactory;
 
 import java.util.Date;
 
-import at.gv.egovernment.moa.logging.LogMsg;
-import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
 import at.gv.egovernment.moa.spss.server.logging.TransactionId;
 import at.gv.egovernment.moa.spss.util.MessageProvider;
+import at.gv.egovernment.moaspss.logging.LogMsg;
+import at.gv.egovernment.moaspss.logging.Logger;
 
 /**
  * A <code>Runnable</code> for periodically cleaning up the revocation archive. 
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContext.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContext.java
index 3425dac..4e0d9f6 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContext.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/transaction/TransactionContext.java
@@ -41,9 +41,9 @@ import java.util.Map.Entry;
 
 import org.w3c.dom.Element;
 
-import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moaspss.logging.Logger;
 
 /**
  * Contains information about the current request.
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/config/Configurator.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/config/Configurator.java
index defaedd..53e023f 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/config/Configurator.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/config/Configurator.java
@@ -1,6 +1,6 @@
 package at.gv.egovernment.moa.spss.tsl.config;
 
-import iaik.util.logging._l;
+import iaik.util.logging.GeneralLog;
 import iaik.xml.crypto.tsl.ex.TSLEngineDiedException;
 
 import java.net.MalformedURLException;
@@ -37,7 +37,7 @@ public class Configurator {
 			try {
 				_euTSLURL = new URL(euTSLURL);
 			} catch (MalformedURLException e) {
-				_l.err("Bad TSL URL: " + euTSLURL, e);
+				GeneralLog.err("Bad TSL URL: " + euTSLURL, e);
 				throw new TSLEngineDiedException(e);
 			}
 			
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/MOATSLVerifier.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/MOATSLVerifier.java
new file mode 100644
index 0000000..39b2f8c
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/MOATSLVerifier.java
@@ -0,0 +1,265 @@
+package at.gv.egovernment.moa.spss.tsl.connector;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.io.OutputStreamWriter;
+import java.security.cert.X509Certificate;
+import java.util.Iterator;
+import java.util.ListIterator;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBIntrospector;
+import javax.xml.crypto.Data;
+import javax.xml.crypto.MarshalException;
+import javax.xml.crypto.NodeSetData;
+import javax.xml.crypto.URIReferenceException;
+import javax.xml.crypto.dom.DOMCryptoContext;
+import javax.xml.crypto.dsig.Reference;
+import javax.xml.crypto.dsig.SignedInfo;
+import javax.xml.crypto.dsig.Transform;
+import javax.xml.crypto.dsig.XMLSignature;
+import javax.xml.crypto.dsig.XMLSignatureException;
+import javax.xml.crypto.dsig.XMLSignatureFactory;
+import javax.xml.crypto.dsig.dom.DOMValidateContext;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+import iaik.server.modules.xml.MOAXSecProvider;
+import iaik.xml.crypto.tsl.TSLConstants;
+import iaik.xml.crypto.tsl.TSLContext;
+import iaik.xml.crypto.tsl.TSLEngine;
+import iaik.xml.crypto.tsl.ex.SeverityAspect.Severity;
+import iaik.xml.crypto.tsl.ex.TSLSecurityException;
+import iaik.xml.crypto.tsl.ex.TSLVerificationException;
+import iaik.xml.crypto.tsl.gen.TrustStatusListType;
+import iaik.xml.crypto.tsl.verify.ITSLVerifier;
+import iaik.xml.crypto.utils.URIDereferencerImpl;
+
+public class MOATSLVerifier implements ITSLVerifier {
+
+	private static final Logger logger = LoggerFactory.getLogger(MOATSLVerifier.class);
+	
+	private static iaik.xml.crypto.xmldsig.gen.ObjectFactory dsOf = new iaik.xml.crypto.xmldsig.gen.ObjectFactory();
+
+	private static JAXBIntrospector JI = TSLEngine.jc.createJAXBIntrospector();
+
+	  public Boolean verifyTSL(Document tslDoc, TSLContext tslContext,
+	  	ListIterator<X509Certificate> euTslCertsHash) {
+
+	    boolean coreValidity = false;
+
+	    try {
+	//      Signature s = new Signature();
+	//      TrustServiceStatusList tssl = new TrustServiceStatusList();
+	      JAXBElement<iaik.xml.crypto.xmldsig.gen.SignatureType> s = dsOf.createSignature(new iaik.xml.crypto.xmldsig.gen.SignatureType());
+//	      _l.debug(""+JI.getElementName(s));
+	      JAXBElement<TrustStatusListType> tssl = TSLConstants.TSL_OF.createTrustServiceStatusList(new TrustStatusListType());
+//	      _l.debug(""+JI.getElementName(tssl));
+
+	      Element tsslE = tslDoc.getDocumentElement();
+
+	      if (tsslE == null) {
+	        tslContext.throwException(new TSLVerificationException("Empty XML File", Severity.xml_failed));
+	//      } else if (!tsslE.getNamespaceURI().equals(tssl.getName().getNamespaceURI())) {
+	      } else if (!tsslE.getNamespaceURI().equals(JI.getElementName(tssl).getNamespaceURI())) {
+	        tslContext.throwException(new TSLVerificationException("Incorrect Namespace", Severity.xml_failed));
+	//      } else if (!tsslE.getLocalName().equals(tssl.getName().getLocalPart())) {
+	      } else if (!tsslE.getLocalName().equals(JI.getElementName(tssl).getLocalPart())) {
+	        tslContext.throwException(new TSLVerificationException("Wrong Document Element in document "+tslDoc.getDocumentURI(), Severity.xml_failed));
+	      }
+
+	      //now we can be sure the right document element is in place, Schema validation does not assure this for us
+	      //Schema validation however assures that the internal Structure of TrustServicesStatus List is correct
+
+	      // B.6 1)  It MUST be an enveloped signature.
+
+	      Node n = tsslE.getLastChild();
+
+	      while ( n != null && ! (n instanceof Element) ) {
+	        n = n.getPreviousSibling();
+	      }
+
+	      Element sig = (Element) n;
+
+	      if (sig == null ||
+	//        ! sig.getNamespaceURI().equals(s.getName().getNamespaceURI()) ||
+	//        !  sig.getLocalName().equals(s.getName().getLocalPart())) {
+	        ! sig.getNamespaceURI().equals(JI.getElementName(s).getNamespaceURI()) ||
+	        !  sig.getLocalName().equals(JI.getElementName(s).getLocalPart())) {
+
+	        tslContext.throwException(
+	        	new TSLVerificationException(
+	        		TSLSecurityException.Type.NO_TSL_SIGNATURE)
+	        	);
+
+	      } else {
+
+	        NodeList cn = tsslE.getChildNodes();
+
+	        for (int j = 0; j < cn.getLength(); j++) {
+	          cn.item(j);
+	        }
+
+	        //TODO assure connection with the PKI Module
+	        DOMValidateContext valContext = new DOMValidateContext(
+	        	new MOATslKeySelector(euTslCertsHash, tslContext),
+	        	sig);
+
+	        if (valContext.getURIDereferencer() == null) {
+	          valContext.setURIDereferencer(new URIDereferencerImpl());
+	        }
+
+	  //      valContext.setProperty("iaik.xml.crypto.debug.OutputStream", System.out);
+	        valContext.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
+
+	        XMLSignatureFactory fac = MOAXSecProvider.getXMLSignatureFactory();
+
+	        // unmarshal the XMLSignature
+	        XMLSignature signature = fac.unmarshalXMLSignature(valContext);
+
+	        // Validate the XMLSignature (generated above)
+	        coreValidity = signature.validate(valContext);
+	        // Check core validation status
+	        if (coreValidity == false) {
+	          debug(valContext, "Signature failed core validation");
+	          boolean sv = signature.getSignatureValue().validate(valContext);
+	          debug(valContext, "signature validation status: " + sv);
+	          // check the validation status of each Reference
+	          Iterator it = signature.getSignedInfo().getReferences().iterator();
+	          for (int j = 0; it.hasNext(); j++) {
+	            boolean refValid = ((Reference) it.next()).validate(valContext);
+	            debug(valContext, "ref[" + j + "] validity status: " + refValid);
+	          }
+
+	          tslContext.throwException(new TSLVerificationException("Signature failed core validation", Severity.signature_failed));
+	        }
+
+	        SignedInfo si = signature.getSignedInfo();
+	        Iterator it = si.getReferences().iterator();
+
+
+	        // 2) Its ds:SignedInfo element MUST contain a ds:Reference element with the
+	        // URI attribute set to a value referencing the TrustServiceStatusList
+	        // element enveloping the signature itself. This ds:Reference element MUST
+	        // satisfy the following requirements:
+	        //  a) It MUST contain only one ds:Transforms element.
+	        //  b) This ds:Transforms element MUST contain two ds:Transform elements. The
+	        //  first one will be one whose Algorithm attribute indicates the enveloped
+	        //  transformation with the value:
+	        //  "http://www.w3.org/2000/09/xmldsig#enveloped-signature". The second one
+	        //  will be one whose Algorithm attribute instructs to perform the exclusive
+	        //  canonicalization "http://www.w3.org/2001/10/xml-exc-c14n#"
+	        
+	        boolean found_proper_tsslE_reference = false;
+
+	        for (int j = 0; it.hasNext(); j++) {
+	          Reference ref = ((Reference) it.next());
+	          Data d = valContext.getURIDereferencer().dereference(ref, valContext);
+
+	          if(!(d instanceof NodeSetData)) {
+	            continue;
+	          } else {
+	            NodeSetData nsd = (NodeSetData) d;
+
+
+	            if (nsd.iterator().next() == tsslE) {
+
+	              //Assured by XMLSchema
+	              //throw new TSLException("B.6 2 a) It MUST contain only one ds:Transforms element.");
+
+	              if(ref.getTransforms().size() != 2) {
+	                tslContext.throwException(
+	                  new TSLVerificationException(TSLSecurityException.Type.NON_CONFORMANT_TRANSFORMS_IN_TSL_SIGNATURE)
+	                );
+	              } else {
+
+	                Transform[] transforms = (Transform[]) ref.getTransforms().toArray(new Transform[2]);
+
+	                //TODO assign severity, code some heuristic showing the problems
+	                if (! transforms[0].getAlgorithm().equals("http://www.w3.org/2000/09/xmldsig#enveloped-signature")) {
+	                  tslContext.throwException(
+	                    new TSLVerificationException(TSLSecurityException.Type.NON_CONFORMANT_TRANSFORM_IN_TSL_SIGNATURE)
+	                  );
+
+	                }
+
+	                //TODO assign severity, code some heuristic showing the problems
+	                if (! transforms[1].getAlgorithm().equals("http://www.w3.org/2001/10/xml-exc-c14n#")) {
+	                  tslContext.throwException(
+	                    new TSLVerificationException(TSLSecurityException.Type.NON_CONFORMANT_C14N_IN_TSL_SIGNATURE)
+	                  );
+	                }
+	              }
+
+	              found_proper_tsslE_reference = true;
+	            }//if (nsd.iterator().next() == tsslE)
+
+	          }
+	        }
+
+	        if(!found_proper_tsslE_reference) {
+	          tslContext.throwException(
+	            new TSLVerificationException(TSLSecurityException.Type.NON_CONFORMANT_REFERENCE_IN_TSL_SIGNATURE)
+	          );
+	        }
+	        
+	        // 3) ds:CanonicalizationMethod MUST be
+	        // "http://www.w3.org/2001/10/xml-exc-c14n#".
+	        if (! si.getCanonicalizationMethod().getAlgorithm().equals("http://www.w3.org/2001/10/xml-exc-c14n#")){
+            tslContext.throwException(
+                new TSLVerificationException(TSLSecurityException.Type.NON_CONFORMANT_C14N_IN_CANONICALIZATION_METHOD)
+              );	        	
+	        }
+	        
+	        // 4) It MAY have other ds:Reference elements.
+
+	      }
+	    } catch (URIReferenceException e) {
+	      tslContext.throwException(new TSLVerificationException(e));
+	    } catch (MarshalException e) {
+	      tslContext.throwException(new TSLVerificationException(e));
+	    } catch (XMLSignatureException e) {
+	    	logger.error("Failed to verify XML Signature for TSL!", e);
+	    	return (Boolean) tslContext.throwException(
+	    			new TSLSecurityException(TSLSecurityException.Type.ERRORS_IN_TSL_SIGNATURE),
+	    			//we need an anonymous class to find the enclosing Method
+	    			(new Object(){}).getClass().getEnclosingMethod(),
+	    			null,
+	    			new Object[] {tslDoc, tslContext, euTslCertsHash}
+	    			);	    		
+	    }
+	    return coreValidity;
+	  }
+
+	public static void debug(DOMCryptoContext context, String message) {
+
+	  Object propDebug = context.getProperty("iaik.xml.crypto.debug.OutputStream");
+
+	  if ( propDebug == null) {
+	    return;
+	  }
+
+	  if (! (propDebug instanceof OutputStream)) {
+	    System.err.println("Failed to write to debug output stream. " +
+	        "DOMCryptoContext's Property (\"iaik.xml.crypto.debug.OutputStream\") " +
+	        "has to be of type OutputStream."
+	      );
+	  } else {
+
+	  OutputStream os = (OutputStream) propDebug;
+	    try {
+	      (new OutputStreamWriter(os)).write(message);
+	    } catch (IOException e) {
+	      System.err.println("Failed to write to debug output stream. " + e.getMessage());
+	      //TODO we cannot close the output stream here ...
+	    }
+	  }
+
+	}
+
+}
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/MOATslKeySelector.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/MOATslKeySelector.java
new file mode 100644
index 0000000..efdd877
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/MOATslKeySelector.java
@@ -0,0 +1,123 @@
+package at.gv.egovernment.moa.spss.tsl.connector;
+
+import java.security.cert.X509Certificate;
+import java.util.List;
+import java.util.ListIterator;
+
+import javax.xml.crypto.AlgorithmMethod;
+import javax.xml.crypto.KeySelectorException;
+import javax.xml.crypto.KeySelectorResult;
+import javax.xml.crypto.XMLCryptoContext;
+import javax.xml.crypto.dsig.keyinfo.KeyInfo;
+import javax.xml.crypto.dsig.keyinfo.X509Data;
+
+import iaik.server.modules.xmlverify.MOAKeySelector;
+import iaik.xml.crypto.tsl.TSLContext;
+import iaik.xml.crypto.tsl.ex.TSLSecurityException;
+import iaik.xml.crypto.tsl.ex.TSLVerificationException;
+import iaik.xml.crypto.tsl.verify.TslKeyInfoHints;
+import iaik.xml.crypto.utils.X509KeySelectorResult;
+
+public class MOATslKeySelector extends MOAKeySelector {
+
+	private final ListIterator<X509Certificate> tslSignerCerts_;
+	private TSLContext tslContextI_;
+
+	public MOATslKeySelector(ListIterator<X509Certificate> euTslCertsHash, TSLContext tslContext) {
+		if(euTslCertsHash == null){
+			tslContext.throwException(
+				new TSLVerificationException(
+					TSLSecurityException.Type.MISSING_INFO_ON_TSL_SIGNER)
+			);
+		}
+		tslSignerCerts_ = euTslCertsHash;
+		tslContextI_ = tslContext;
+		tslContext.toString();
+	}
+
+	@Override
+	protected KeyInfoHints newKeyInfoHints(KeyInfo keyInfo,
+		XMLCryptoContext context)
+		throws KeySelectorException {
+
+		return new TslKeyInfoHints(keyInfo, context, tslContextI_, tslSignerCerts_);
+
+	}
+
+	@Override
+	protected KeySelectorResult select(KeyInfoHints hints,
+		KeySelectorResult[] results) {
+
+		if (results.length > 1){
+
+			return (KeySelectorResult) tslContextI_.throwException(
+				new TSLSecurityException(TSLSecurityException.Type.UNTRUSTED_TSL_SIGNER),
+				//we need an anonymous class to find the enclosing Method
+        (new Object(){}).getClass().getEnclosingMethod(),
+        this,
+        new Object[] {hints, results}
+			);
+
+		} else {
+			KeySelectorResult result = results[0];
+			  if (result instanceof X509KeySelectorResult) {
+			    result = new MOAX509KeySelectorResult((X509KeySelectorResult)result);
+			  } else {
+			    result = new MOAKeySelectorResult(result.getKey());
+			  }
+			  return result;
+		}
+	}
+	
+	@Override
+  public KeySelectorResult select(X509Data x509Data,
+    Purpose purpose,
+    AlgorithmMethod method,
+    XMLCryptoContext context) throws KeySelectorException {
+
+		X509KeySelectorResult ksr;
+		try {
+			ksr = (X509KeySelectorResult) super.select(x509Data, purpose, method, context);
+		} catch (ClassCastException e) {
+			ksr = (X509KeySelectorResult) tslContextI_.throwException(
+				e,
+				//we need an anonymous class to find the enclosing Method
+				(new Object(){}).getClass().getEnclosingMethod(),
+				this,
+				new Object[]{x509Data, purpose, method, context});
+		}
+
+		if (ksr == null){
+			//there has been a Problem with the X509Data
+			ksr = (X509KeySelectorResult) tslContextI_.throwException(
+				new KeySelectorException(failReason_.replace(". ", ".\n")),
+				//we need an anonymous class to find the enclosing Method
+				(new Object(){}).getClass().getEnclosingMethod(),
+				this,
+				new Object[]{x509Data, purpose, method, context});
+		}
+
+		List l = ksr.getCertificates();
+		tslContextI_.securityCheck(
+			TSLSecurityException.Type.UNTRUSTED_TSL_SIGNER,
+			(X509Certificate[]) l.toArray(new X509Certificate[l.size()]),
+			tslSignerCerts_
+		);
+
+		return ksr;
+  }
+
+	@Override
+	protected KeySelectorResult select(X509Certificate cert, Purpose purpose,
+		AlgorithmMethod method, XMLCryptoContext context)
+		throws KeySelectorException {
+
+		tslContextI_.securityCheck(
+			TSLSecurityException.Type.UNTRUSTED_TSL_SIGNER,
+			cert,
+			tslSignerCerts_
+		);
+
+		return super.select(cert, purpose, method, context);
+	}
+}
\ No newline at end of file
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/TSLConnector.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/TSLConnector.java
index 82df37b..fee6ebe 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/TSLConnector.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/connector/TSLConnector.java
@@ -29,8 +29,8 @@ import at.gv.egovernment.moa.spss.tsl.utils.TSLEUImportFromFileContext;
 import at.gv.egovernment.moa.spss.tsl.utils.TSLEvaluationContext;
 import at.gv.egovernment.moa.spss.tsl.utils.TSLImportFromFileContext;
 import iaik.asn1.ObjectID;
-import iaik.util._15;
-import iaik.util.logging._l;
+import iaik.util.GeneralUtils15;
+import iaik.util.logging.GeneralLog;
 import iaik.utils.RFC2253NameParser;
 import iaik.xml.crypto.EccProviderAdapter;
 import iaik.xml.crypto.XSecProvider;
@@ -314,7 +314,7 @@ public class TSLConnector implements TSLConnectorInterface {
 		log.debug(Thread.currentThread() + " waiting for other threads ...");
 		topLevelTslContext.waitForAllOtherThreads();
 
-		log.debug(_15.dumpAllThreads());
+		log.debug(GeneralUtils15.dumpAllThreads());
 		log.debug(Thread.currentThread() + " reactivated after other threads finished ...");
 		
 		connection = null;
@@ -395,7 +395,7 @@ public class TSLConnector implements TSLConnectorInterface {
 		log.debug("### SURNAME registered as " + ObjectID.surName + " ###");
 		RFC2253NameParser.register("SURNAME", ObjectID.surName);
 
-		XSecProvider.addAsProvider(false);
+		//XSecProvider.addAsProvider(false);
 
 		TSLEngine tslEngine;
 		TslSqlConnectionWrapper connection = null;
@@ -557,7 +557,7 @@ public class TSLConnector implements TSLConnectorInterface {
 		log.debug(Thread.currentThread() + " waiting for other threads ...");
 		topLevelTslContext.waitForAllOtherThreads();
 
-		log.debug(_15.dumpAllThreads());
+		log.debug(GeneralUtils15.dumpAllThreads());
 		log.debug(Thread.currentThread() + " reactivated after other threads finished ...");
 		
 		connection = null;
@@ -635,7 +635,7 @@ public class TSLConnector implements TSLConnectorInterface {
 				 
 			 } catch (TSLEngineFatalException e) {
 				 e.printStackTrace();
-				 _l.err("could not export Certs", e);
+				 GeneralLog.err("could not export Certs", e);
 				 throw new TSLEngineDiedException(e);
 			 }
 			
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java
index e06abe4..5139469 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/timer/TSLUpdaterTimerTask.java
@@ -21,8 +21,6 @@ import java.util.Iterator;
 import java.util.Map;
 import java.util.TimerTask;
 
-import at.gv.egovernment.moa.logging.LogMsg;
-import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.api.common.TSLConfiguration;
 import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
@@ -33,7 +31,9 @@ import at.gv.egovernment.moa.spss.server.iaik.pki.store.truststore.TrustStorePro
 import at.gv.egovernment.moa.spss.server.logging.TransactionId;
 import at.gv.egovernment.moa.spss.tsl.connector.TSLConnector;
 import at.gv.egovernment.moa.spss.util.MessageProvider;
-import at.gv.egovernment.moa.util.StringUtils;
+import at.gv.egovernment.moaspss.logging.LogMsg;
+import at.gv.egovernment.moaspss.logging.Logger;
+import at.gv.egovernment.moaspss.util.StringUtils;
 
 
 public class TSLUpdaterTimerTask extends TimerTask {
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLEUImportFromFileContext.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLEUImportFromFileContext.java
index 453ee2b..e0fff56 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLEUImportFromFileContext.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLEUImportFromFileContext.java
@@ -1,6 +1,7 @@
 package at.gv.egovernment.moa.spss.tsl.utils;
 
 import java.io.File;
+import java.io.FileFilter;
 import java.io.IOException;
 import java.lang.reflect.Method;
 import java.net.URL;
@@ -11,7 +12,7 @@ import java.util.List;
 import org.sqlite.SQLiteErrorCode;
 
 import iaik.util.logging.Log;
-import iaik.util.logging._l;
+import iaik.util.logging.GeneralLog;
 import iaik.util.logging.Log.MultiThreadLoggingGroup;
 import iaik.xml.crypto.tsl.DbTables;
 import iaik.xml.crypto.tsl.TSLImportFromFileContext;
@@ -76,7 +77,7 @@ public class TSLEUImportFromFileContext extends TopLevelTslFetchContext {
 				parameters[0] instanceof URL
 			){
 
-				_l.err("Ignoring download error using old: " + parameters[0],null);
+				GeneralLog.err("Ignoring download error using old: " + parameters[0],null);
 				wrapException(e);
 				return parameters[1];
 			}
@@ -87,7 +88,7 @@ public class TSLEUImportFromFileContext extends TopLevelTslFetchContext {
 			TSLExceptionB ve = (TSLExceptionB) e;
 			Severity s = ve.getSeverity();
 			if ( s != null && s.ordinal() < Severity.insecure.ordinal()){
-				_l.err("Ignored Exception: ",ve);
+				GeneralLog.err("Ignored Exception: ",ve);
 //			    if(logExceptions_){
 		    	warnings_.add(
 		    		new ThrowableAndLocatorAndMitigation(
@@ -136,5 +137,10 @@ public class TSLEUImportFromFileContext extends TopLevelTslFetchContext {
 		public void print(Object msg) {
 		  Log.print(msg);
 	  }
+		
+		@Override
+		public FileFilter getCertificateFileFilter() {
+			return null;
+		}
 
 }
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLEvaluationContext.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLEvaluationContext.java
index a656f11..f0723a1 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLEvaluationContext.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLEvaluationContext.java
@@ -2,7 +2,7 @@ package at.gv.egovernment.moa.spss.tsl.utils;
 
 import iaik.util.logging.Log.MultiThreadLoggingGroup;
 import iaik.util.logging.Log;
-import iaik.util.logging._l;
+import iaik.util.logging.GeneralLog;
 import iaik.xml.crypto.tsl.BaseClass;
 import iaik.xml.crypto.tsl.SIEExtensionChecker;
 import iaik.xml.crypto.tsl.constants.Countries;
@@ -42,7 +42,7 @@ public final class TSLEvaluationContext extends iaik.xml.crypto.tsl.TSLEvaluatio
 
 			CriteriaListType criteriaList = (CriteriaListType) parameters[1];
 
-			_l.warn(criteriaList.getDescription());
+			GeneralLog.warn(criteriaList.getDescription());
 
 			String description = criteriaList.getDescription();
 			if (description
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLImportFromFileContext.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLImportFromFileContext.java
index 5d69f69..eda2b34 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLImportFromFileContext.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/tsl/utils/TSLImportFromFileContext.java
@@ -2,6 +2,7 @@ package at.gv.egovernment.moa.spss.tsl.utils;
 
 import java.io.BufferedOutputStream;
 import java.io.File;
+import java.io.FileFilter;
 import java.io.FileNotFoundException;
 import java.io.FileOutputStream;
 import java.io.OutputStream;
@@ -36,10 +37,10 @@ import org.xml.sax.SAXParseException;
 
 import at.gv.egovernment.moa.spss.tsl.exception.MitigatedTSLSecurityException;
 import iaik.util.logging.Log.MultiThreadLoggingGroup;
-import iaik.util.logging._l;
+import iaik.util.logging.GeneralLog;
 import iaik.utils.RFC2253NameParserException;
 import iaik.utils.Util;
-import iaik.util._15;
+import iaik.util.GeneralUtils15;
 import iaik.xml.crypto.dsig.keyinfo.X509DataImpl;
 import iaik.xml.crypto.tsl.DbTables;
 import iaik.xml.crypto.tsl.TSLConstants;
@@ -243,7 +244,7 @@ public class TSLImportFromFileContext extends iaik.xml.crypto.tsl.TSLImportFromF
 				if (parameters[0] instanceof DOMError) {
 					DOMError domError = (DOMError) parameters[0];
 
-					_l.warn(""+domError.getRelatedData());
+					GeneralLog.warn(""+domError.getRelatedData());
 
 					//					domError.getRelatedData().getClass().getField("")
 
@@ -277,9 +278,9 @@ public class TSLImportFromFileContext extends iaik.xml.crypto.tsl.TSLImportFromF
 
 					String[] rdns = subDN.substring(1, subDN.length()).split("/");
 
-					rdns = (String[]) _15.reverseInPlace(rdns);
+					rdns = (String[]) GeneralUtils15.reverseInPlace(rdns);
 
-					subDN = "/"+_15.implode("/", rdns);
+					subDN = "/"+GeneralUtils15.implode("/", rdns);
 
 					//for now we only support properly quoted values or such without quotes
 
@@ -375,7 +376,7 @@ public class TSLImportFromFileContext extends iaik.xml.crypto.tsl.TSLImportFromF
 					}
 				}
 
-				_l.err("Ignoring download error using old: " + parameters[0], null);
+				GeneralLog.err("Ignoring download error using old: " + parameters[0], null);
 				wrapException(e);
 				return parameters[1];
 			}
@@ -448,7 +449,7 @@ public class TSLImportFromFileContext extends iaik.xml.crypto.tsl.TSLImportFromF
 				X509Certificate crt = (X509Certificate)parameters[1];
 
 		    File f = new File("./wrong/"+expectedTerritory_+"/",
-		    	iaik.util._15.toHexString(getFingerPrint(crt,
+		    	iaik.util.GeneralUtils15.toHexString(getFingerPrint(crt,
 		    		new byte[TSLConstants.CertHash.LENGTH]))+".der");
 		    File parent = f.getParentFile();
 		    if(!parent.exists() && !parent.mkdirs()){
@@ -571,7 +572,7 @@ public class TSLImportFromFileContext extends iaik.xml.crypto.tsl.TSLImportFromF
 			    	li.next();
 			    	String sn = (String) li.next();
 			    	
-			    	_l.err(sn, null);
+			    	GeneralLog.err(sn, null);
 			    	
 			    	System.exit(1);
 			    	
@@ -796,7 +797,7 @@ public class TSLImportFromFileContext extends iaik.xml.crypto.tsl.TSLImportFromF
 
 		String msg = e.getMessage();
 
-		_l.info(msg);
+		GeneralLog.info(msg);
 		return(
 			msg.startsWith("["+SQLiteErrorCode.SQLITE_CONSTRAINT.name()+"]") &&
 			msg.contains("column " + DbTables.TSLDownload.C.rawHash + " is not unique")
@@ -804,7 +805,7 @@ public class TSLImportFromFileContext extends iaik.xml.crypto.tsl.TSLImportFromF
 	}
 
 	@Override
-	protected Long getLocalLastModified(File targetFile) {
+	protected File getLocalLastModified(File targetFile) {
 		return super.getLocalLastModified(targetFile);
 	}
 	@Override
@@ -830,7 +831,7 @@ public class TSLImportFromFileContext extends iaik.xml.crypto.tsl.TSLImportFromF
 			synchronized (log) {
 				parentContext_.print("<" + ncName + " state=\"" + currentThread.getState()
 				    + "\" " + " id=\"" + currentThread.getId() + "\">\n" + log.toString() + "</"
-				    + ncName + ">" + _15.LB);
+				    + ncName + ">" + GeneralUtils15.LB);
 				parentContext_.flushLog();
 				log.setLength(0);
 			}
@@ -846,5 +847,9 @@ public class TSLImportFromFileContext extends iaik.xml.crypto.tsl.TSLImportFromF
 			log.append(msg);
 		}
 	}
+	@Override
+	public FileFilter getCertificateFileFilter() {
+		return null;
+	}
 	
 }
\ No newline at end of file
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateUtils.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateUtils.java
index 544ea91..358524d 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateUtils.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateUtils.java
@@ -17,9 +17,9 @@ import iaik.xml.crypto.tsl.ex.TSLSearchException;
 
 import java.security.Principal;
 
-import at.gv.egovernment.moa.logging.LogMsg;
-import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.spss.tsl.timer.TSLUpdaterTimerTask;
+import at.gv.egovernment.moaspss.logging.LogMsg;
+import at.gv.egovernment.moaspss.logging.Logger;
 
 public class CertificateUtils {
 	
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java
index 219bb7c..859e7e9 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java
@@ -5,11 +5,11 @@ import java.net.UnknownHostException;
 import java.util.Iterator;
 import java.util.List;
 
-import at.gv.egovernment.moa.logging.LogMsg;
-import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.spss.MOAApplicationException;
 import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
 import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moaspss.logging.LogMsg;
+import at.gv.egovernment.moaspss.logging.Logger;
 
 public class ExternalURIVerifier {
 	
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/MOASPSSEntityResolver.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/MOASPSSEntityResolver.java
index b5f72c4..ee6fe0a 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/MOASPSSEntityResolver.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/MOASPSSEntityResolver.java
@@ -31,10 +31,10 @@ import org.xml.sax.EntityResolver;
 import org.xml.sax.InputSource;
 import org.xml.sax.SAXException;
 
-import at.gv.egovernment.moa.logging.LogMsg;
-import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.spss.MOAApplicationException;
-import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moaspss.logging.LogMsg;
+import at.gv.egovernment.moaspss.logging.Logger;
+import at.gv.egovernment.moaspss.util.Constants;
 
 
 /**
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/MessageProvider.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/MessageProvider.java
index 6c8a833..47b8d36 100644
--- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/MessageProvider.java
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/MessageProvider.java
@@ -26,7 +26,7 @@ package at.gv.egovernment.moa.spss.util;
 
 import java.util.Locale;
 
-import at.gv.egovernment.moa.util.Messages;
+import at.gv.egovernment.moaspss.util.Messages;
 
 /**
  * Singleton wrapper around a <code>Messages</code> object.
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/ResetableInputStreamWrapper.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/ResetableInputStreamWrapper.java
new file mode 100644
index 0000000..243cd5d
--- /dev/null
+++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/ResetableInputStreamWrapper.java
@@ -0,0 +1,59 @@
+package at.gv.egovernment.moa.spss.util;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+public class ResetableInputStreamWrapper extends InputStream {
+
+	private ByteArrayInputStream bais;
+	
+	public ResetableInputStreamWrapper(ByteArrayInputStream bais) {
+		this.bais = bais;
+	}
+	
+	@Override
+	public int read() throws IOException {
+		return this.bais.read();
+	}
+
+	@Override
+	public int read(byte[] b) throws IOException {
+		return this.bais.read(b);
+	}
+
+	@Override
+	public int read(byte[] b, int off, int len) throws IOException {
+		return this.bais.read(b, off, len);
+	}
+
+	@Override
+	public long skip(long n) throws IOException {
+		return this.bais.skip(n);
+	}
+
+	@Override
+	public int available() throws IOException {
+		return this.bais.available();
+	}
+
+	@Override
+	public void close() throws IOException {
+		this.bais.close();
+	}
+
+	@Override
+	public synchronized void mark(int readlimit) {
+		this.bais.mark(readlimit);
+	}
+
+	@Override
+	public synchronized void reset() throws IOException {
+		this.bais.reset();
+	}
+
+	@Override
+	public boolean markSupported() {
+		return this.bais.markSupported();
+	}
+}
-- 
cgit v1.2.3