aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java78
-rw-r--r--src/main/java/at/gv/egiz/moazs/msg/MoaSPSSSignatureVerifier.java34
-rw-r--r--src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java47
-rw-r--r--src/main/resources/application.yaml19
-rw-r--r--src/main/resources/moa-spss/MOASPSSConfiguration.xml7
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer26
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer23
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer23
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cerbin0 -> 1485 bytes
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Test-Root-05-20141215-20241209.SerNo165fae.crt34
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer21
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer23
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cerbin0 -> 979 bytes
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Premium-Test-Sig-02.20141124-20241118.SerNo3969edc1.cerbin0 -> 1029 bytes
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Premium-enc-02.20140701-20240701.SerNo144dfd.cerbin0 -> 1159 bytes
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer26
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/a-sign-SSL-03.cerbin0 -> 1147 bytes
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Test-Premium-Sig-05.20141215-20141209.SerNo165fb8.crt36
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Test-Qual-01.20141117-20241111.SerNo16120f.cer23
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/a-sign-corporate-light-02.20140905-20240905.SerNo153B49.cerbin0 -> 1167 bytes
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/a-sign-premium-sig-02.20140701-20240701.SerNo144e10.cerbin0 -> 1159 bytes
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/a-sign-premium-sig-03.20140701-20240701.SerNo144e13.cerbin0 -> 1159 bytes
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/a-sign-test-premium-Enc-05.20141215-20141209.SerNo165fb7.crt36
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crtbin0 -> 1185 bytes
-rw-r--r--src/main/resources/moa-spss/certstore/toBeAdded/msz-test-root-cert.derbin0 -> 1565 bytes
-rw-r--r--src/main/resources/moa-spss/trustProfiles/test-trustprofile/msz-test-root-cert.derbin0 -> 1565 bytes
-rw-r--r--src/main/resources/moa-spss/truststores/test-truststores/MZS_ROOT_CA.pem35
-rw-r--r--src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java4
28 files changed, 408 insertions, 87 deletions
diff --git a/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java b/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java
index e96d851..6a5eb39 100644
--- a/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java
+++ b/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java
@@ -2,19 +2,80 @@ package at.gv.egiz.moazs.config;
import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService;
import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureVerificationService;
+import at.gv.egiz.moazs.msg.MoaSPSSSignatureVerifier;
+import at.gv.egiz.moazs.msg.SignatureVerifier;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
+import java.io.File;
+import java.io.FileNotFoundException;
+
+
@Configuration
public class MoaSigConfig {
+ private static final Logger log = LoggerFactory.getLogger(MoaSigConfig.class);
+
+ private static final String MOA_SPSS_CONFIG_FILE_PROPERTY = "moa.spss.server.configuration";
+ private static final String JAVAX_SSL_TRUSTSTORE_TYPE_PROPERTY = "javax.net.ssl.trustStoreType";
+ private static final String JAVAX_SSL_KEYSTORE_TYPE_PROPERTY = "javax.net.ssl.keyStoreType";
+
+ private final String trustStoreType;
+ private final String keyStoreType;
private final String defaultTrustProfile;
+ private final String spssConfigFilePath;
- public MoaSigConfig(@Value("${moa.spss.server.default-trustprofile}") String defaultTrustProfile,
- @Value("${moa.spss.server.configuration}") String serverConfigUrl) {
+ public MoaSigConfig(@Value("${javax.net.ssl.trustStoreType}") String trustStoreType,
+ @Value("${javax.net.ssl.keyStoreType}") String keyStoreType,
+ @Value("${moa.spss.server.default-trustprofile}") String defaultTrustProfile,
+ @Value("${moa.spss.server.configuration}") String spssConfigFilePath) throws FileNotFoundException {
+ this.trustStoreType = trustStoreType;
+ this.keyStoreType = keyStoreType;
this.defaultTrustProfile = defaultTrustProfile;
- System.getProperties().setProperty("moa.spss.server.configuration", serverConfigUrl);
+ this.spssConfigFilePath = spssConfigFilePath;
+ fallBackToSpringEnvForMoaSPSSConfigProperty();
+ fallBackToSpringEnvForJavaxNetSSLStoreTypeProperty();
+ }
+
+ private void fallBackToSpringEnvForMoaSPSSConfigProperty() throws FileNotFoundException {
+ log.info("value of spssConfigFilePath is {}", spssConfigFilePath);
+
+ if(System.getProperty(MOA_SPSS_CONFIG_FILE_PROPERTY) == null) {
+ var realPath = determinePath(spssConfigFilePath);
+ var realFile = new File(realPath);
+
+ if(realFile.exists() && realFile.canRead()) {
+ log.info("Set system property '{}' to {}", MOA_SPSS_CONFIG_FILE_PROPERTY, realPath);
+ System.getProperties().setProperty(MOA_SPSS_CONFIG_FILE_PROPERTY, realPath);
+ } else {
+ throw new FileNotFoundException("File '" + realPath + "' does not exist or is not readable.");
+ }
+ }
+ }
+
+ private String determinePath(String abstractPath) {
+ if (new File(abstractPath).isAbsolute()) {
+ return abstractPath;
+ } else {
+ //resolve relative path as classpath resource
+ //java.lang.Class needs relative resources to start with "/"
+ return this.getClass().getResource("/" + abstractPath).getFile();
+ }
+ }
+
+ private void fallBackToSpringEnvForJavaxNetSSLStoreTypeProperty() {
+ if (System.getProperty(JAVAX_SSL_TRUSTSTORE_TYPE_PROPERTY) == null) {
+ log.info("Set system property '{}' to {}", JAVAX_SSL_TRUSTSTORE_TYPE_PROPERTY, trustStoreType);
+ System.getProperties().setProperty(JAVAX_SSL_TRUSTSTORE_TYPE_PROPERTY, trustStoreType);
+ }
+
+ if (System.getProperty(JAVAX_SSL_KEYSTORE_TYPE_PROPERTY) == null) {
+ log.info("Set system property '{}' to {}", JAVAX_SSL_KEYSTORE_TYPE_PROPERTY, keyStoreType);
+ System.getProperties().setProperty(JAVAX_SSL_KEYSTORE_TYPE_PROPERTY, keyStoreType);
+ }
}
@Bean
@@ -26,4 +87,15 @@ public class MoaSigConfig {
public ISignatureVerificationService moaSigVerifyService() {
return new SignatureVerificationService();
}
+
+ @Bean
+ public SignatureVerifier signatureVerifier(@Value("${moa.spss.is-active}") boolean isMoaSPSSActive) {
+ if (isMoaSPSSActive) {
+ log.info("Moa SPSS is active. Signatures in SOAP Messages will be verified.");
+ return new MoaSPSSSignatureVerifier(moaSigVerifyService(), defaultTrustProfile);
+ } else {
+ log.warn("Moa SPSS is not active. Signatures in SOAP Messages will not be verified.");
+ return (signedXMLdocument) -> true;
+ }
+ }
}
diff --git a/src/main/java/at/gv/egiz/moazs/msg/MoaSPSSSignatureVerifier.java b/src/main/java/at/gv/egiz/moazs/msg/MoaSPSSSignatureVerifier.java
new file mode 100644
index 0000000..6058279
--- /dev/null
+++ b/src/main/java/at/gv/egiz/moazs/msg/MoaSPSSSignatureVerifier.java
@@ -0,0 +1,34 @@
+package at.gv.egiz.moazs.msg;
+
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService;
+import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class MoaSPSSSignatureVerifier implements SignatureVerifier {
+
+ private static final Logger log = LoggerFactory.getLogger(MoaSPSSSignatureVerifier.class);
+
+ private final ISignatureVerificationService service;
+
+ private final String trustProfile;
+
+ public MoaSPSSSignatureVerifier(ISignatureVerificationService service,
+ String trustProfile) {
+ this.service = service;
+ this.trustProfile = trustProfile;
+ }
+
+ @Override
+ public boolean verify(byte[] signedXMLdocument) {
+
+ try {
+ var response = service.verifyXMLSignature(signedXMLdocument, trustProfile);
+ return response != null;
+ } catch (MOASigServiceException e) {
+ MoaSPSSSignatureVerifier.log.error("Could not verify the XML signature.", e);
+ return false;
+ }
+
+ }
+}
diff --git a/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java b/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java
index d6311c4..bf9a2d0 100644
--- a/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java
+++ b/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java
@@ -1,40 +1,13 @@
package at.gv.egiz.moazs.msg;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService;
-import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.stereotype.Component;
-
-@Component
-public class SignatureVerifier {
-
- private static final Logger log = LoggerFactory.getLogger(SignatureVerifier.class);
-
- @Autowired
- @Qualifier("moaSigVerifyService")
- private final ISignatureVerificationService service;
-
- @Autowired
- @Qualifier("moaSPSSServerDefaultTrustProfile")
- private final String trustProfile;
-
- public SignatureVerifier(ISignatureVerificationService service,
- String trustProfile) {
- this.service = service;
- this.trustProfile = trustProfile;
- }
-
- public boolean verify(byte[] signedXMLdocument) {
- try {
- var response = service.verifyXMLSignature(signedXMLdocument, trustProfile);
- return response != null;
- } catch (MOASigServiceException e) {
- log.error("Could not verify the XML signature.", e);
- return false;
- }
- }
-
+@FunctionalInterface
+public interface SignatureVerifier {
+
+ /**
+ * Verifies the signature of a signed XML document.
+ * @param signedXMLdocument
+ * @return true if the signature is valid; false if there is no signature, if the signature is invalid,
+ * or if an exception occured.
+ */
+ boolean verify(byte[] signedXMLdocument);
}
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 61c7dba..961f437 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -69,9 +69,20 @@ logging:
level:
root: WARN
org.springframework: WARN
- at.gv.egiz.moazs: INFO
+ at.gv: INFO #DEBUG
+ iaik: INFO #DEBUG
+
+# default type for java's ssl key/trust store
+javax.net.ssl:
+ keyStoreType: jks
+ trustStoreType: jks
### moa spss config
-moa.spss.server:
- configuration: file:./moa-spss/MOASPSSConfiguration.xml
- default-trustprofile: test-trustprofile
+moa.spss:
+ is-active: true
+ server:
+ # path that points to MoaSPSSConfiguration file; can be:
+ # - absolute path (unix: starts with /), or
+ # - relative path (otherwise, relative to application's class path)
+ configuration: moa-spss/MOASPSSConfiguration.xml
+ default-trustprofile: test-trustprofile
diff --git a/src/main/resources/moa-spss/MOASPSSConfiguration.xml b/src/main/resources/moa-spss/MOASPSSConfiguration.xml
index edaaf8a..d2425b4 100644
--- a/src/main/resources/moa-spss/MOASPSSConfiguration.xml
+++ b/src/main/resources/moa-spss/MOASPSSConfiguration.xml
@@ -41,7 +41,7 @@
<cfg:TrustProfile>
<cfg:Id>test-trustprofile</cfg:Id>
- <cfg:TrustAnchorsLocation>truststores/test-truststore</cfg:TrustAnchorsLocation>
+ <cfg:TrustAnchorsLocation>trustProfiles/test-trustprofile</cfg:TrustAnchorsLocation>
</cfg:TrustProfile>
</cfg:PathValidation>
@@ -64,10 +64,5 @@
</cfg:Archiving>
</cfg:RevocationChecking>
</cfg:CertificateValidation>
-
- <cfg:VerifyTransformsInfoProfile>
- <cfg:Id>SL20Authblock_v1.0</cfg:Id>
- <cfg:Location>profiles/SL20_authblock_v1.0.xml</cfg:Location>
- </cfg:VerifyTransformsInfoProfile>
</cfg:SignatureVerification>
</cfg:MOAConfiguration>
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
new file mode 100644
index 0000000..eb051dc
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEUzCCAzugAwIBAgIDFE3dMA0GCSqGSIb3DQEBBQUAMIHPMQswCQYDVQQGEwJB
+VDGBizCBiAYDVQQKHoGAAEEALQBUAHIAdQBzAHQAIABHAGUAcwAuACAAZgD8AHIA
+IABTAGkAYwBoAGUAcgBoAGUAaQB0AHMAcwB5AHMAdABlAG0AZQAgAGkAbQAgAGUA
+bABlAGsAdAByAC4AIABEAGEAdABlAG4AdgBlAHIAawBlAGgAcgAgAEcAbQBiAEgx
+GDAWBgNVBAsTD0EtVHJ1c3QtUXVhbC0wMTEYMBYGA1UEAxMPQS1UcnVzdC1RdWFs
+LTAxMB4XDTE0MDcwMTExMjExNVoXDTI0MDcwMTA5MjExNVowgc8xCzAJBgNVBAYT
+AkFUMYGLMIGIBgNVBAoegYAAQQAtAFQAcgB1AHMAdAAgAEcAZQBzAC4AIABmAPwA
+cgAgAFMAaQBjAGgAZQByAGgAZQBpAHQAcwBzAHkAcwB0AGUAbQBlACAAaQBtACAA
+ZQBsAGUAawB0AHIALgAgAEQAYQB0AGUAbgB2AGUAcgBrAGUAaAByACAARwBtAGIA
+SDEYMBYGA1UECxMPQS1UcnVzdC1RdWFsLTAxMRgwFgYDVQQDEw9BLVRydXN0LVF1
+YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhgdxIbxTGEOH
+fXGiewI3NFldAWKFWfLofO+5I1UbvA5avt7IgsGXz/tI/f5HGUbascI0i7xG0tqV
+lA5ctQgLRqxgxHtgTkMcqsAEYdsz3LZsCdXO1QrvEBGLTSABdxiL/gSWJ6z77CSw
+x7Xg02HwxPV82cjGkSF3ENGJntuIAAnRDWn/ORHjFatNRymoMbHaOEZXSGhf7Y5F
+rrHEqGyi9E6sv784De/T1aTvskn8cWeUmDzv//omiG/a/V9KQex/61XN8OthUQVn
+X+u/liL2NKx74I2C/GgHX5B0WkPNqsSOgmlvJ/cKuT0PveUgVFDAA0oYBgcE1KDM
+lBbN0kmPAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEs8jB2F
+6W+tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAQIN9LZbMivO9
+kWLDlDI9cTEIPpRXmgNdaBQRUpZc2ML0vDW6OVI90r8GxFQTE/I7HjrvuqQDTEL1
+qd8tthiazsLYI5eDX1CtJEFFtg25Y9t3tK2HsShb8sCj798hoXsOMFR9qhp5Fjb8
+TX4CVuQ3sK1TKeNlDmpAx6SqkYYT0CCMccsxt2j89ED8Z+B/yW19OZQk3BFDigYL
+46YsLKAC96ItFpUOs8ZbAUfUlpVA6G+09EMcDxOcuD/ebLx6I/ynwYAtqYXaizsY
+KTE35A3M2ghfGFJ+DlQoh3Bn/RG01LKXXgaVTHHMvvpxBp55wz2SocD/PpFe+D6Q
+C016YgTrrQ==
+-----END CERTIFICATE-----
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
new file mode 100644
index 0000000..be29fb6
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE3kMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTIzMzNa
+Fw0yNDA3MDEwOTIzMzNaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDIxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJaR
+q9eOsFm4Ab20Hq2Z/aH86gyWa48uSUjY6eQkguHYuszr3gdcSMYZggFHQgnhfLmf
+ro/27l5rqKhWiDhWs+b+yZ1PNDhRPJy+86ycHMg9XJqErveULBSyZDdgjhSwOyrN
+ibUir/fkf+4sKzP5jjytTKJXD/uCxY4fAd9TjMEVpN3umpIS0ijpYhclYDHvzzGU
+833z5Dwhq5D8bc9jp8YSAHFJ1xzIoO1jmn3jjyjdYPnY5harJtHQL73nDQnfbtTs
+5ThT9GQLulrMgLU4WeyAWWWEMWpfVZFMJOUkmoOEer6A8e5fIAeqdxdsC+JVqpZ4
+CAKel/Arrlj1gFA//jsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIQj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBh
+MfOINQm4XpzF6DmkOmb/ArSXHf5LObqFmIMooNr2TkyzrUTK/NE+mdrm15Rfdts7
+kZVq/ICfQSFeaPvWaAVq4plH/26OjvMTVv7DfgfPBUxDWqlCuDnDnPAVQ+yo/o5i
+BA5uUlMbp5znbDtlxwF/5gWqcn/hKxSUCP1uiOPIlKfeVvsRmBcJAdoixTM/Ic10
+pavJMGOI20onArvQZAUEbXQLA8cs8naxfF6Bo36U9nk6wn7q8VPXhViekByd17F6
+9A+ah0Iqw4SPf9BqNRIe1YxxjDhCmjWt3aoyE3ZFBuGjW+r2ipb/vGU1+2oyy2Fd
+2dMmiMQ7gGhWX9X6gWLd
+-----END CERTIFICATE-----
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
new file mode 100644
index 0000000..e1100c7
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyzCCArOgAwIBAgIDFE31MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDMxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMzAeFw0xNDA3MDExMTMwNTZa
+Fw0yNDA3MDEwOTMwNTZaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDMxGDAWBgNVBAMMD0Et
+VHJ1c3QtUXVhbC0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOe
+JIgc0s9AA0hqqqWgK72W9XwKn5+rUJDbQc5WgHkqwP2TU3qcW/NZYSSIY6PVGO6b
+hHSEnOyMPdrBhnpvNi4m6349yT6t565LdHcoKyQg/youwpVkEPZ+e8O32hF9nqvt
+L4wZohydjMwzcHUJB/5e+0CkJYwv/bVRZzqoK0yf1midYJukxWOw7nDNKD9KdOpZ
++XXFAAZuH7BjwSqqE138y9JlGzkxIlrCeSJdGfFLwr7OHIgBdPEmQXcyOcaMUGjP
+U4VDig+gj+6OC5KjAEC+wKJZXiyhRLj+HyLTDLrQ6O8p5HI3Sov4FuwiMgcqIyzz
+o9fNyqmnT3K/vBGOqBsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIRgbfN/LCNxAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBy
+jA/CmId9oz8sy4rwEklti+8TLS/aLHkiMqUmKjuHyT/6mz4Qh4fLfAAEv8iGSZiW
++7+Gv7HTcuEEdyNNhUmMGJLSQA/3KBjlttHXLiG943wnvcZf3LtkFc+8Ia5N3bNS
+BM6q7/OFKHSS+iHcAJ8XS6SnLITYRyfo0thsXBaHpkTUkEP0uJY+yoE/EcBkvsGX
+drLIawu8YOrNZvs3S6Ag0ex5brIdqiNtlUGwRxpLwssfBho5K0NqpXAloHT9kHBd
+rGb2GrVdLIesuVivSP9zq09M8bcm3jDPCHv5bcudPZVX7rkr79VphgLfKlINA4Fw
+VxCuPLXx/4sCfANQtvuY
+-----END CERTIFICATE-----
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
new file mode 100644
index 0000000..b9a0e5a
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
Binary files differ
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Test-Root-05-20141215-20241209.SerNo165fae.crt b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Test-Root-05-20141215-20241209.SerNo165fae.crt
new file mode 100644
index 0000000..9befb53
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Test-Root-05-20141215-20241209.SerNo165fae.crt
@@ -0,0 +1,34 @@
+-----BEGIN CERTIFICATE-----
+MIIF3TCCA8WgAwIBAgIDFl+uMA0GCSqGSIb3DQEBCwUAMIGVMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR0wGwYDVQQLDBRBLVRydXN0LVRl
+c3QtUm9vdC0wNTEdMBsGA1UEAwwUQS1UcnVzdC1UZXN0LVJvb3QtMDUwHhcNMTQx
+MjE1MTMwMDQ1WhcNMjQxMjA5MTIwMDQ1WjCBlTELMAkGA1UEBhMCQVQxSDBGBgNV
+BAoMP0EtVHJ1c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUgaW0gZWxla3Ry
+LiBEYXRlbnZlcmtlaHIgR21iSDEdMBsGA1UECwwUQS1UcnVzdC1UZXN0LVJvb3Qt
+MDUxHTAbBgNVBAMMFEEtVHJ1c3QtVGVzdC1Sb290LTA1MIICIDANBgkqhkiG9w0B
+AQEFAAOCAg0AMIICCAKCAgEApv3ETyDuseYGvBXgJSiAe7q2dvKtcxlHGlEdEWKv
+YUODdXiTIIcwuIU0+F8ybvoQdEVPGDsdzShhXKgMfdGY5WF1BslCgjwcr4h6GWgt
+cSkXXFIYVV5GCrac4DhM60EvtXpadi8dNMu7dUKZjqES9UPC6Gc5H6fadauLaV6b
+DbNrJufXUditjEbhqj5uX3u4/+nFRH8g1DiQm5RCC3ttVe0/7buJipErVQ9Sbhzk
+hkFlzLbph2s2hiEP8NB5tXM3ffxmJ2Yv98+U1Ec0iXvsoGhqRyZVn1huTi+9PJnP
+IyPfXDkqWv49E/WeZsaZ48kdVx9xIC6OVYF0GCDsKjsKWN+4xL6/eYvSnyIBij/A
+e1T3wkLhp+bDyqxnvDatMlWchfbZxicvzr83c8SGt81RBekwbG/HGPRE4x5DnTkQ
+67DTMzMSmW+FAJdZG2Ofsg9+D+v+iqRD310maLABtko3e+xm601FS8d0lDFJVGgG
+36IB+ZrUIXmLfOIQjlF/yx566oUmSif3QRgmnSuNtunffXHBbL0qFAiEDwwHg41t
+zBiSswKRWa5J/BMIung+6T8gw5kY3c3yJ+pUip4J2oeVa9jZlO/AY7k5BCeGh5Ky
+zu22GMQIp9ulIIfUKx8jcnhtDy07UEmaWqv3rVsqKWF9v9B4z2SMiH1oFEgrNAxi
+v98CAQOjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEQv+xQJkonQMA4G
+A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEASO7M8elac5VTP+FjuL1S
+nS72NaIP/RGYmw6967irlG5qQ0cGmCZO5J8SsL7xc3BMofMQMbrsGEryO1F4Y95B
+o419IzqPb8sYHlx1Du+F2D01qXBmGP/NcqQIo9twLa+man16l7SFF/iNof2axigM
+TUcWzqHUxtSjCPoU44qTsi8vVuQKRP8gMGlVCty0joc0gEW8PqKiMaKxI+tglVA6
+czwvPXfk9pJkL3hhDg/p59iKJTkEKIDtvugrZ4ZqOCBL5xv1Tar3BMBAKSfl/YoQ
+/p6ATGlKkjSbMyU7vUGxXldNALHkezxFufuDZEF/erp3hCVADbQMKgyM7Diu6cKB
+0s4+POeTQoSQ2dnMQJdgAfeGcd3twy2s/M/xHAVGPAPIQWH7ppVcs6AbVXQabHxJ
+YZU7G2ct8Se0r8RLq+iRYrWhFKl8mmVBNwK2WJhjWPv2fqM1xYtbbwH6zoV/Sf8j
+uIbx/5A/MJo/4s/9ciafJLVzLvkOh6Bhf310TAxyB9mDiL00KAuVTDtwYfzo1+jw
+0bInpPqTCkgszn0LbajeaEIc7lQ7neY0gmMqDvnhA+5LyHJXuX5tDF+1/KDijlLs
+p/k1/YZfe1Ai1+gcRoAlp2O80tKaJWZPkf8POffyIkSxJbHlKF6r3TWs7JYr+YUi
+lm2dyCqZ9RUD5ZN2YRntJoo=
+-----END CERTIFICATE-----
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
new file mode 100644
index 0000000..e90f5f2
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDXTCCAkWgAwIBAgIDFE3DMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFU
+MRAwDgYDVQQKEwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkw
+FwYDVQQDExBBLVRydXN0LW5RdWFsLTAxMB4XDTE0MDcwMTExMDk1NFoXDTI0MDcw
+MTA5MDk1NFowVTELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB0EtVHJ1c3QxGTAXBgNV
+BAsTEEEtVHJ1c3QtblF1YWwtMDExGTAXBgNVBAMTEEEtVHJ1c3QtblF1YWwtMDEw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD/9RyAEZ6eHmhYzNJ328f0
+jmdSUFi6EqRqOxb3jHNPTIpK82CR6z5lmSnZQNUuCPD+htbNZffd2DKVB06NOyZ1
+2zcOMCgj4GtkZoqE0zPpPT3bpoE55nkZZe/qWEX/64wz/L/4EdkvKDSKG/UsP75M
+tmCVY5m2Eg73RVFRz4ccBIMpHel4lzEqSkdDtZOY5fnkrE333hx67nxq21vY8Eyf
+8O4fPQ5RtN8eohQCcPQ1z6ypU1R7N9jPRpnI+yzMOiwd3+QcKhHi1miCzo0pkOaB
+1CwmfsTyNl8qU0NJUL9Ta6cea7WThwTiWol2yD88cd2cy388xpbNkfrCPmZNGLoV
+AgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECE5ZzscCMocwMA4G
+A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAO3hBdwsNQOtYOAlC2PKT
+sdNexKqMefFGrGDYIEAflaudwpcqUgv7fLLhMNRMT+BcXtqXtfNHGsll2GwseuMq
+C02bPUmbfNV4P9djIz/s6qqvNQaQneFzhuXn+i0YQ10sFFVeIL3qrBMl1lwBeQ64
+/GyvrbGiHuuagEUc25CDrUqni+b+azaPUsRG6IXkIWG0H6WIMqtxIdHzAV/1raKh
+PKot1VhG2rivf1cBBGXU/0VSYBitXrLNwXwlX2ad0WiFHUF8RS9F3j2vVSYMfxer
+NPNaRLtCkHNSqCIDkMmmHJKbJbKJzMaZYmX2i2nc16HCpE/gbQc3etQCl3GvzO88
+xw==
+-----END CERTIFICATE-----
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
new file mode 100644
index 0000000..2284687
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy
+OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM
+EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj
+lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ
+znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH
+2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1
+k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs
+2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD
+VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1
+hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br
+cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm
+FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ
+tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s
+FJ6N46sU7LjJLqSKYEB8usoIiw==
+-----END CERTIFICATE-----
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
new file mode 100644
index 0000000..33e7763
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
Binary files differ
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Premium-Test-Sig-02.20141124-20241118.SerNo3969edc1.cer b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Premium-Test-Sig-02.20141124-20241118.SerNo3969edc1.cer
new file mode 100644
index 0000000..1bb4494
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Premium-Test-Sig-02.20141124-20241118.SerNo3969edc1.cer
Binary files differ
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Premium-enc-02.20140701-20240701.SerNo144dfd.cer b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Premium-enc-02.20140701-20240701.SerNo144dfd.cer
new file mode 100644
index 0000000..6c0c042
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Premium-enc-02.20140701-20240701.SerNo144dfd.cer
Binary files differ
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer
new file mode 100644
index 0000000..04627da
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEdzCCA1+gAwIBAgIDFLT9MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R
+dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwNDIw
+NVoXDTI0MDcyMzA4NDIwNVowgYcxCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy
+dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52
+ZXJrZWhyIEdtYkgxFjAUBgNVBAsMDWEtc2lnbi1TU0wtMDMxFjAUBgNVBAMMDWEt
+c2lnbi1TU0wtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMjPM6
+PqgdPBPV4Efudpytt2Y4GZJfjeRdZo5SCuULDvvL+23xxBWnR3scFvfE1ekHN/YK
+k+2/qhU2B2ntoSNJSyDchNM8YPc9Lx67zZyhQTZgbBzh3IZAVb/hwuRRRV68JCBj
+r3r6v7IbwjH5XcVISdB4szx0z93aAQyKW9QkV+tD5a1vWFETvdHsZeVmDzfqcdsG
+AznPJw+9HrImCsswCWYUgPcFRkPNjj2r2NoyckVN781aWmNTAqJPf/Ckj9l9pUIt
+Vjhy8XNJW4iVDBkkykBXcGSkIau0ypJrRjsD1jKqUTIRZ/y2HlyltmwWi8OuyBLd
+LaHDbjc0b6JmqoivAgMBAAGjgeMwgeAwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E
+CgQIQD6h02K0A90wEwYDVR0jBAwwCoAIRGqVZ1V5EU8wDgYDVR0PAQH/BAQDAgEG
+MIGUBgNVHR8EgYwwgYkwgYaggYOggYCGfmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQv
+b3U9QS1UcnVzdC1uUXVhbC0wMyxvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJl
+dm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1
+dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAbHQvTl94ommGFln3s6wmd/tr6r5R
+3FR3A7O/uiGEAqm/7B84KGkTmKHhChGMiCiMcBSGtMx1IaO+t7gimLtRL57wgeIf
+k6nsgcbBioh0nO12XDagdtj75Dr7buEFyQvFdfydi5cAwScLW+YYxtwDni9/debd
+ypFKeCRxdCX12n0oFQDPJf8YvE4CaDitBJCQrZdJBDpB6muF8mpNq8CIuyTPIBZX
+RPKJNfIraKq/Xi7tuLkvWVGVsSqJeTvP++05Tvv/44+XBpCp3sUrjsb0G0Mj90PG
+SnAapsrgzDzLO/LQ8vrB9H2oRM4iYfUxu/dKSOBVXa3WQzsLBL0/9zZ30g==
+-----END CERTIFICATE-----
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-SSL-03.cer b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-SSL-03.cer
new file mode 100644
index 0000000..a699436
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-SSL-03.cer
Binary files differ
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Test-Premium-Sig-05.20141215-20141209.SerNo165fb8.crt b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Test-Premium-Sig-05.20141215-20141209.SerNo165fb8.crt
new file mode 100644
index 0000000..ee17cdb
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Test-Premium-Sig-05.20141215-20141209.SerNo165fb8.crt
@@ -0,0 +1,36 @@
+-----BEGIN CERTIFICATE-----
+MIIGQTCCBCmgAwIBAgIDFl+4MA0GCSqGSIb3DQEBCwUAMIGVMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR0wGwYDVQQLDBRBLVRydXN0LVRl
+c3QtUm9vdC0wNTEdMBsGA1UEAwwUQS1UcnVzdC1UZXN0LVJvb3QtMDUwHhcNMTQx
+MjE1MTMxMDE5WhcNMjQxMjA5MTIxMDE5WjCBoTELMAkGA1UEBhMCQVQxSDBGBgNV
+BAoMP0EtVHJ1c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUgaW0gZWxla3Ry
+LiBEYXRlbnZlcmtlaHIgR21iSDEjMCEGA1UECwwaYS1zaWduLVRlc3QtUHJlbWl1
+bS1TaWctMDUxIzAhBgNVBAMMGmEtc2lnbi1UZXN0LVByZW1pdW0tU2lnLTA1MIIC
+IDANBgkqhkiG9w0BAQEFAAOCAg0AMIICCAKCAgEAq9PRwApA35K3LT0p5IYtNZMS
+BFJsIkzjgF4FRQ36PtxeNsPL6iPgfFjWLZzVT1arHrC6ciz97haDWEN5Jq+aVaZp
+gvFtvqZXlwYOWP0sshQg1aP7zrfH/N6yqjkrXHyzgmSz3SVIbdj5CqUJz/+94FCR
+cA8XkQ3WZAjSkRB+MSIY8umftkmJOVAstaG28OEtpmqwBLRh/QGcNZzfhyrPS2Ls
+5BAKQW9SBb1nXn8JOHq0Bd8zHShHbny9X/qT0xqeFfwItZWiW7iu3LgbGqfB3J4d
+s+9iecwHDsmYdSb2quGmzJXejmvktFZte9dlF7BuBqier+R3/czdLteRems5S9Ka
+hlP3+f3CnFwKihyVMhnuf5HyhCo1Fvrt+igWtNnos38qzB5RzRTJXnvZyrtTJMQE
+/8ZuV2B12Oaf0AQjt+o/SPKeaTBX2yes0S1xbQy7xJzNhgBJ2Ir3OI6SoOooVN+9
+kQuzD7NsJBJzIy4dHCvOgs0C1ro8DROaV3Usn58eYOkLDrPGpEBmFq7GnsxnbeEh
+5zzlgh00R9cy5PxiO40U+KxnTmQl+/vc9i1plDLsTRePeThKgS0UOIRZP7voYKdu
+IJaEzufNXUxZbCc9Mq3V552BmRPhL9Ouf/bfaVMmkY4p7BdU57stxDfVwG9biujj
+AVPA7DeRm+S0kzWRq0kCAQOjgY0wgYowPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDov
+L2NybC5hLXRydXN0LmF0L2NybC9BLVRydXN0LVRlc3QtUm9vdC0wNTATBgNVHSME
+DDAKgAhEL/sUCZKJ0DAPBgNVHRMBAf8EBTADAQH/MBEGA1UdDgQKBAhB0SNOEjM1
+3jAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAEiqm52uEL2giMCy
+8i1tIbqKP3SeJnYxhJgN4d3caWqfE1CoEUQjsN8t7sF866TOYJMrQ+/dS8bUqNiG
+x4vvPrDq3DUSyKflgPaz+36xtB4BTlIiYTzio7Tnv+d5n+MsM6c/rijJzRx38FLM
+tZTAfr7dXv5KxrfYrrEnPrGg0gMlYqX3rB1TKQnPx5qG3e2YXc6tdvDeXhh9cXj3
+76VJony7iV0ccKWNXRRNx1X0po/Luu6EMD/5czArtmO0KmGXO3gK3Fy7pxUbdBra
+nSJNsY+Fv4X3zqf5n9ZM4Yut7KSqBiQbuMmIzLZkICJOWN5t9mOTStgmZjGqBdQN
+sRuVinaLxA88Fd32ZmFxbagOLeKEXPTQT/ERbDOjhShY6jA2/LkIcg9mwDDOubsp
+FcZaYlyXmvD+HNVxL5B4BGDWoGHmCxaj+bcYP4U797bpE90sTnMIQd6JoYEMQSIy
+Re0S4jKIOkCqBDkPBIXZf/IizTvJiQoFUtT7civFYhcUHDOcWs69NUU3F6sEBZmq
+C1uIRm7zD6FUPNpVcfVIeqcfWsnx5bSKwheh9Dk/A3eTmxjpodV4tIq6BfCLdq52
+85dumPB4zz/EmCuZ0hwy9/TJwaogVMqicvr1/pQXDM7T6fCM0vK9w/e4ejmX61TK
+6MsTXFjxlwpIacl4fkAxk6L22xfB
+-----END CERTIFICATE-----
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Test-Qual-01.20141117-20241111.SerNo16120f.cer b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Test-Qual-01.20141117-20241111.SerNo16120f.cer
new file mode 100644
index 0000000..60bc9a5
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Test-Qual-01.20141117-20241111.SerNo16120f.cer
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID2zCCAsOgAwIBAgIDFhIPMA0GCSqGSIb3DQEBBQUAMIGTMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRwwGgYDVQQLDBNhLXNpZ24tVEVT
+VC1RdWFsLTAxMRwwGgYDVQQDDBNhLXNpZ24tVEVTVC1RdWFsLTAxMB4XDTE0MTEx
+NzA3NDAzNloXDTI0MTExMTA2NDAzNlowgZMxCzAJBgNVBAYTAkFUMUgwRgYDVQQK
+DD9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4g
+RGF0ZW52ZXJrZWhyIEdtYkgxHDAaBgNVBAsME2Etc2lnbi1URVNULVF1YWwtMDEx
+HDAaBgNVBAMME2Etc2lnbi1URVNULVF1YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQD4TRgyXzhxJ2AkndX0RPY771f64dsJrReEeuShLRK5io0B
+kJWc4t7wuD1B98cJ0MUPlMmOJ2Ckc/vuLhQUyY3qEUmhMhixCUIcdHQ5yH3H0yMV
+HxyJxAG83fE8M25kpKA4TzzMW8KPd2S63wbpPElyEy7vrllrLxvdQRSDpMZMvRg8
+fvoDGAehxsnKKwlXZuMq1aSBzfMz3cMBDKxvqzDIz7yC1iWNkdiwog3a5a5PbViK
+shhZ0h+bx9WFDpiN6ooPQgcGhjD+NqIDoiOr7CUFHp+HiC6xIsEFJaBHTf3dRZ61
+0r1FDABx0Yj8+wlXSQLYq/1nR/QMwsvH0Cz1qYTPAgMBAAGjNjA0MA8GA1UdEwEB
+/wQFMAMBAf8wEQYDVR0OBAoECE8h1CulBqTdMA4GA1UdDwEB/wQEAwIBBjANBgkq
+hkiG9w0BAQUFAAOCAQEAimFu+xTm3UdyU+fO+2hz4DS20OGSC9NBDkorjzhRPWoZ
+IVhUi6yH5drqSBm4/2ZYS1Ba5npzfyJwm+cLO28ljxAApfRHlbN0y83hKv7c0I7g
+zWTMRs8X8ar5Gd7d4O5jpC4PAaZ1ozSDoE06U5im6YMLaJy/0QYvf5EQBMvLdeoc
+d1vl17JYKYqYzcX2dvayikrfiglFqDaZZ66yJPBSuiyNhXpPkbXsOoyyTPtV/0Bh
+eKIQiQyJID5aZtR7D4fBAzKdp5wB9KLQXBZ80hrwqrIuy+ME0tFaBWYBi8dzQ1iq
+/E3Qz0USfGmxPMm8y/zRqsDvxZCRiSuvzBkOXbGMdA==
+-----END CERTIFICATE-----
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-corporate-light-02.20140905-20240905.SerNo153B49.cer b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-corporate-light-02.20140905-20240905.SerNo153B49.cer
new file mode 100644
index 0000000..e4bd48d
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-corporate-light-02.20140905-20240905.SerNo153B49.cer
Binary files differ
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-premium-sig-02.20140701-20240701.SerNo144e10.cer b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-premium-sig-02.20140701-20240701.SerNo144e10.cer
new file mode 100644
index 0000000..74c4ce3
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-premium-sig-02.20140701-20240701.SerNo144e10.cer
Binary files differ
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-premium-sig-03.20140701-20240701.SerNo144e13.cer b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-premium-sig-03.20140701-20240701.SerNo144e13.cer
new file mode 100644
index 0000000..6c50ec0
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-premium-sig-03.20140701-20240701.SerNo144e13.cer
Binary files differ
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-test-premium-Enc-05.20141215-20141209.SerNo165fb7.crt b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-test-premium-Enc-05.20141215-20141209.SerNo165fb7.crt
new file mode 100644
index 0000000..9ea6d0c
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-test-premium-Enc-05.20141215-20141209.SerNo165fb7.crt
@@ -0,0 +1,36 @@
+-----BEGIN CERTIFICATE-----
+MIIGQTCCBCmgAwIBAgIDFl+3MA0GCSqGSIb3DQEBCwUAMIGVMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR0wGwYDVQQLDBRBLVRydXN0LVRl
+c3QtUm9vdC0wNTEdMBsGA1UEAwwUQS1UcnVzdC1UZXN0LVJvb3QtMDUwHhcNMTQx
+MjE1MTMwOTAwWhcNMjQxMjA5MTIwOTAwWjCBoTELMAkGA1UEBhMCQVQxSDBGBgNV
+BAoMP0EtVHJ1c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUgaW0gZWxla3Ry
+LiBEYXRlbnZlcmtlaHIgR21iSDEjMCEGA1UECwwaYS1zaWduLVRlc3QtUHJlbWl1
+bS1FbmMtMDUxIzAhBgNVBAMMGmEtc2lnbi1UZXN0LVByZW1pdW0tRW5jLTA1MIIC
+IDANBgkqhkiG9w0BAQEFAAOCAg0AMIICCAKCAgEA2YDEweWMfTpWbHjFwzPl5tri
+jaL4tmhuHQzuSAEO080+m5Dc38Rj5xHf1MNCxvAx18+3A+b0WDDhtdJh+SXVxAQq
+/VhnaOFcdlvun0/4+l4Xynf6xd0r8WfQgnTAER4iFzGoWnOFQZqF3JGsx0mxd5Ss
+6kbs+4Gd/FmdAD09qTb+e3FtQC9aszVb5j57LB14Ka+iVXMEFq6J1uvvdjIcwbeL
+7gOGOLzn9dArFT4bfMIE/gBOJnY3Ulp16jOMGb2sY+9u9rGJ84jSpYKEsL+RBoJr
+23O5rfdrVi/+fWC0QaDqwhI46lLr9Erkk7NjEeElZ+Tj2A5KK4K0FNvzAIqxki1Z
+/MQcBfknbq9jxUZs4zUl9QA7ufCqmFhi4qQxycEfUEXsTFlya2IgWqavA1OFZ7Ww
+tJQOR/EQUvtH/fIE7nompnxzWxi1iAvVkv0OEsAYVRd9ldviLl9wLzpQoOPvwc/B
+kRLvriWH/Bjyc8+SeAfK92ZRHh+a1HBsX7XKuZwKJ/pVKF4EtalbZXlSuQau/Mc0
+ImS49AL/GjfShp/IhGHfBQbTjR3vhZfakG6wvSFnGaRt2ohxMHb0fSK7xNrDpfNV
+Orloh77ry44C4jjQIairRW1l4CLilbitKpHO4VtZ443w25fud2FapvdesoUfHogV
+KTce4dGvW3jrN7/8TRUCAQOjgY0wgYowPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDov
+L2NybC5hLXRydXN0LmF0L2NybC9BLVRydXN0LVRlc3QtUm9vdC0wNTATBgNVHSME
+DDAKgAhEL/sUCZKJ0DAPBgNVHRMBAf8EBTADAQH/MBEGA1UdDgQKBAhH2pAliBnO
+GzAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBADDqJFkkBD6tUmiu
+L45YlXWKogD5eUfM+xnNVdg60M4HXHksVGT49CiY1vWzuLwUD3CXQ1W7yBKnLB5b
+GcoaHNgZDhNskYJCZu9K0g8oqNEN3Hb2QoKqyCaOlKV0dXILq/3SbdcXvUkUPS9K
+nWkX48tVMcw3OAmRYKwBK6tkUBwVw0VJ49sT+9qgPGCb8HYafSjCTnb3kdKGYK7a
+0E6eVBjYf6WcMfvCIYma5Zi4fx7U0K6RN8xJvhRHAZK3uJphk1QciAIxViFIPnex
+htgywJNHRautIsDbRGwdDVOUB6VdCFF19HnO9C4p2+pggCi9nT/I4CklZGZ5Q0VB
+j9knsSFXYMY9QFGm3feiVIXAy2Pp7IMB21KNZKgqCLQRgANNdvkWwO97lcxpmocS
+/p9LIEYDpa9tIvBrTiK39hUixeQaMhvlrSN3H49NqoxsStv8UEvSbjLJAuOcK1oV
++IWA8RbBwippM45729X7nGdPUbxys+rn7F04WNe+oQN96hKX4VJ6OCANz1bca6LV
+sPtkFej+SLbpALVH3YvP4ct1UQms3UnuN9m1A0ceB4u4KroHBHlSGLB6K3UI3E42
+cYVaGrbflSvwwXxCHUvrCeL+eNKgI2Vyt29aHVJO0OMAS03Eb1PcygeNU4h6t+CS
+UBU+/OTtSQGrLe+kMKP6uBO/cMhv
+-----END CERTIFICATE-----
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt b/src/main/resources/moa-spss/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt
new file mode 100644
index 0000000..ebfbce9
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt
Binary files differ
diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/msz-test-root-cert.der b/src/main/resources/moa-spss/certstore/toBeAdded/msz-test-root-cert.der
new file mode 100644
index 0000000..3e136d4
--- /dev/null
+++ b/src/main/resources/moa-spss/certstore/toBeAdded/msz-test-root-cert.der
Binary files differ
diff --git a/src/main/resources/moa-spss/trustProfiles/test-trustprofile/msz-test-root-cert.der b/src/main/resources/moa-spss/trustProfiles/test-trustprofile/msz-test-root-cert.der
new file mode 100644
index 0000000..3e136d4
--- /dev/null
+++ b/src/main/resources/moa-spss/trustProfiles/test-trustprofile/msz-test-root-cert.der
Binary files differ
diff --git a/src/main/resources/moa-spss/truststores/test-truststores/MZS_ROOT_CA.pem b/src/main/resources/moa-spss/truststores/test-truststores/MZS_ROOT_CA.pem
deleted file mode 100644
index 57963bd..0000000
--- a/src/main/resources/moa-spss/truststores/test-truststores/MZS_ROOT_CA.pem
+++ /dev/null
@@ -1,35 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIGGTCCBAGgAwIBAgIUEzQUFWuzrC0F4mODQYgPZ/Lhq04wDQYJKoZIhvcNAQEL
-BQAwgZMxCzAJBgNVBAYTAkFUMRAwDgYDVQQIDAdBdXN0cmlhMQ0wCwYDVQQKDARJ
-QUlLMQ0wCwYDVQQLDARFR0laMSMwIQYDVQQDDBpFR0laIENSQUJFTlNURUlORVIg
-Uk9PVCBDQTEvMC0GCSqGSIb3DQEJARYgY2hyaXN0b2YucmFiZW5zdGVpbmVyQGVn
-aXouZ3YuYXQwHhcNMTkwNDIzMTQwNTU2WhcNMzkwNDE4MTQwNTU2WjCBkzELMAkG
-A1UEBhMCQVQxEDAOBgNVBAgMB0F1c3RyaWExDTALBgNVBAoMBElBSUsxDTALBgNV
-BAsMBEVHSVoxIzAhBgNVBAMMGkVHSVogQ1JBQkVOU1RFSU5FUiBST09UIENBMS8w
-LQYJKoZIhvcNAQkBFiBjaHJpc3RvZi5yYWJlbnN0ZWluZXJAZWdpei5ndi5hdDCC
-AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMclj0pHf7LxLXEvtz+P7mxI
-5U5Lx0xDiEY4XeLn75jis3IQotv3zmUz8Mvv9rkAT7y9JMJyJPBUPo2iWCO/dtm+
-qYlCy4fNPGvGPyjE05TM+JhG8bijpgO2EEZmKv48by+UUzioX8H/to5n8xNzDu8C
-bibBddbGyfQ9E7PkR2VhdW8PkUrqJCxeG/xiwS0h1U2v++4ZKQpS78rj75KNEExx
-t8spzZFyKV3i5mTkW2Exp5OSr07SpadjlRqkYWkdZsAPnaK4L4KQ+rrL9qXb/fzK
-syD2LkAHimV3s19IZjGVbdwCtgacDZlME3zNfGxIC0hAeJsSXJJN2FMO3SrnXv2b
-CDJT3SOCF+PMhmv41PGMswQxnCtPvB9659y/Cr/tHkY5bhQiR4XamZie7IkxpsMa
-WpV4jCY9iz1L8OsM62DVRsztDWw1w1j2dyWyODNbxaI7fEWg9klUW7GgEDYBeJ2h
-9kfgwZXiMZkw/7+0VHU97a7AKmpCXP3kH6n1z3MAgaf+Dd4Gq7RXB+4HEZ31uiNO
-OqrnayFs2td/X7cl/0ioNLnJ/hbaOmHsGDQo5W0WyXg9bVkLtezajVwTCKkRdUnn
-kAXL0y+x/aRc2CycE7tlC0SHtBDTVjdx5CWeulynBMMiMWZwb+HR9id/rnifp3Vk
-/CPA+eyjiVtt8uXXozLFAgMBAAGjYzBhMB0GA1UdDgQWBBSK8/VCjnMFpNKrPSEv
-k+GF/qM5izAfBgNVHSMEGDAWgBSK8/VCjnMFpNKrPSEvk+GF/qM5izAPBgNVHRMB
-Af8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAp/fR
-A+cZlMw0jtiFRYy7096dadgjefIcQVgZYNTL3zuPrXyRIHMp4dTlNnREkobmzkcy
-jWN/I41hm2SHt86+E1c7n/wd1KE1oefqoRkhQws84718zlLBkL/iMwluzE4ZzqiE
-RPxBFv23QqFLzaZpqan4ic9zlkqW1d8IZ9kt9vctAxUIju4hXqozUfaYIjIThutU
-wkIgN1A6e6qugFYB9jkhijnMw0HJeP19JbBUNGp9bP3GiSEc+S1ydddU2492rDQj
-NQKvUMvGUhoUdxbbcUhxs6i6Gfct5bCXRN+r7d+mpwFrpN9xv0a0a7y5GNZk//2S
-0qsqQwVEHYa0fDxsBFLnM7i2EY6+eo9mMccOgn0Jk8z+IIU3OCHgRs3df8R0zWbd
-2FSeqrHTTtgcnmfEx3TMZnuuLfOCIwczl/4DP6M5Z6xwp/MKXzUWFy5SP1wkLe9i
-KiTaYeYLiVZb4AluW8TdhkBjj87gA1gCqqGIAyQ6+40LGplt7Wt5pY2XGWqQQLcq
-qfutUjWQM+HOQEDsodrPu8DR07Q613XdrfMuJGHXDh7a+6xD0nRhpkR9JacoY1h/
-UTObjMFCIwIZ8bYniFLgmJhKlMiuhgNuGsEoSMsFHVDrCsEXZOKkoL8OmRu/V4zo
-2vewbMLL/jvutkmtS8E+R1lt+J6iEI5EYJHONrw=
------END CERTIFICATE-----
diff --git a/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java b/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java
index b0c03a2..c132abf 100644
--- a/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java
+++ b/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java
@@ -2,7 +2,7 @@ package at.gv.egiz.moazs;
import at.gv.egiz.moazs.msg.MsgClient;
import at.gv.egiz.moazs.msg.MsgClientFactory;
-import at.gv.egiz.moazs.msg.SignatureVerifier;
+import at.gv.egiz.moazs.msg.MoaSPSSSignatureVerifier;
import at.gv.egiz.moazs.msg.StoreSOAPBodyBinaryInRepositoryInterceptor;
import at.gv.egiz.moazs.pipeline.DeliveryPipeline;
import at.gv.egiz.moazs.pipeline.SameThreadDeliveryPipeline;
@@ -63,7 +63,7 @@ public class SameThreadDeliveryPipelineTest {
private StoreSOAPBodyBinaryInRepositoryInterceptor interceptor;
@Mock
- private SignatureVerifier verifier;
+ private MoaSPSSSignatureVerifier verifier;
private DeliveryPipeline pipeline;