From 62601fb50b606f812933f746f126dda0b8139911 Mon Sep 17 00:00:00 2001 From: Christof Rabensteiner Date: Thu, 13 Jun 2019 10:10:22 +0200 Subject: Fix moa-sig-lib's Integration Issues Fixing "ASN.1 creation error: iaik.asn1.CodingException: Length: Too large ASN.1 object: 109" - Set fallback value ('jks') for system property 'javax.net.ssl.keyStoreType' and 'javax.net.ssl.trustStoreType'. If system property is not defined, MoaSigConfig falls back to value from spring environment. Reason: Without this property explicitly set to JKS, the inclusion of eaaf-components-moa-sig-lib breaks the HTTP client builder and the ASN.1 creation error arises. See [1] for explanation. - Why fall back: Allows a user to configure these parameters via command line, but gives meaningful defaults in case of absent command line properties. Furthermore, these parameters can be configured via application.yaml or .properties. Others: - Set fallback value for system property 'moa.spss.server.configuration'. If system property is not defined, fall back to value from spring environment. Reason: Allows a user to configure these parameters via command line while providing meaningful defaults in case of absent command line properties. - Add switch 'moa.spss.is-active' to enable / disable signature verification. - Change log levels of at.gv.* and iaik.* packages to INFO - Add default certstore (copied from EAAF Components). - Add mzs root certificate to cert- and truststore. - Update readme's installation requirements and guide. Refactor: - Extract public interface of SignatureVerification class. - Rename trustprofile folder. [1] Why eaaf-components-moa-sig-lib breaks HTTP client: - Including eaaf-components-moa-sig-lib includes IAIK's jca/jce and xsect, which in turn injects the iaik provider for cryptographic operations and its own key store (iaik.pkcs.pkcs12.PKCS12KeyStore). - The Apache HTTP client builder will ask for a java.base/javax.net.ssl.SSLSocketFactory because it creates an SSL context, even if the connection runs without SSL. - Somewhere down the stack, this will trigger the TrustStoreManager to hand over the systems default trust store (a JKS file) to IAIK's PKCS12KeyStore. This happens if the type properties of the trust stores are not set. - Oracle relaxed a precondition of this trust store (somewhere in between Java 8 and 11) in the TrustStoreManager: Formerly, the trust store was a JKS object. Now, the trust store can be both a JKS and a PKCS12 object. The TrustStoreManager expects the key store to handle both types, and Oracle's keystore does. However, IAIK's key store cannot handle a JKS object, but since eaaf-components-moa-sig-lib was included, the IAIK key store comes first. - PKCS12KeyStore expects a PKCS12 file but receives a JKS file -> Parser Error. --- .../java/at/gv/egiz/moazs/config/MoaSigConfig.java | 78 ++++++++++++++++++++- .../egiz/moazs/msg/MoaSPSSSignatureVerifier.java | 34 +++++++++ .../at/gv/egiz/moazs/msg/SignatureVerifier.java | 47 +++---------- src/main/resources/application.yaml | 19 +++-- .../resources/moa-spss/MOASPSSConfiguration.xml | 7 +- ...0240701.SerNo144ddd(SecureSignatureKeypair).cer | 26 +++++++ ...0240701.SerNo144de4(SecureSignatureKeypair).cer | 23 ++++++ ...0240701.SerNo144df5(SecureSignatureKeypair).cer | 23 ++++++ ...-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer | Bin 0 -> 1485 bytes ...-Test-Root-05-20141215-20241209.SerNo165fae.crt | 34 +++++++++ ...0701-20240701.SerNo144dc3(CertifiedKeypair).cer | 21 ++++++ ...rust-nQual-03-20140723-20250723.SerNo14b4f9.cer | 23 ++++++ ...rust-nQual-03.20050817-20150817.SerNo016c1e.cer | Bin 0 -> 979 bytes ...Test-Sig-02.20141124-20241118.SerNo3969edc1.cer | Bin 0 -> 1029 bytes ...remium-enc-02.20140701-20240701.SerNo144dfd.cer | Bin 0 -> 1159 bytes ...a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer | 26 +++++++ .../moa-spss/certstore/toBeAdded/a-sign-SSL-03.cer | Bin 0 -> 1147 bytes ...remium-Sig-05.20141215-20141209.SerNo165fb8.crt | 36 ++++++++++ ...-Test-Qual-01.20141117-20241111.SerNo16120f.cer | 23 ++++++ ...rate-light-02.20140905-20240905.SerNo153B49.cer | Bin 0 -> 1167 bytes ...remium-sig-02.20140701-20240701.SerNo144e10.cer | Bin 0 -> 1159 bytes ...remium-sig-03.20140701-20240701.SerNo144e13.cer | Bin 0 -> 1159 bytes ...remium-Enc-05.20141215-20141209.SerNo165fb7.crt | 36 ++++++++++ .../toBeAdded/atrust_OCSP_Responder_03-1.crt | Bin 0 -> 1185 bytes .../certstore/toBeAdded/msz-test-root-cert.der | Bin 0 -> 1565 bytes .../test-trustprofile/msz-test-root-cert.der | Bin 0 -> 1565 bytes .../truststores/test-truststores/MZS_ROOT_CA.pem | 35 --------- .../egiz/moazs/SameThreadDeliveryPipelineTest.java | 4 +- 28 files changed, 408 insertions(+), 87 deletions(-) create mode 100644 src/main/java/at/gv/egiz/moazs/msg/MoaSPSSSignatureVerifier.java create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Test-Root-05-20141215-20241209.SerNo165fae.crt create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Premium-Test-Sig-02.20141124-20241118.SerNo3969edc1.cer create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Premium-enc-02.20140701-20240701.SerNo144dfd.cer create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/a-sign-SSL-03.cer create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Test-Premium-Sig-05.20141215-20141209.SerNo165fb8.crt create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Test-Qual-01.20141117-20241111.SerNo16120f.cer create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/a-sign-corporate-light-02.20140905-20240905.SerNo153B49.cer create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/a-sign-premium-sig-02.20140701-20240701.SerNo144e10.cer create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/a-sign-premium-sig-03.20140701-20240701.SerNo144e13.cer create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/a-sign-test-premium-Enc-05.20141215-20141209.SerNo165fb7.crt create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt create mode 100644 src/main/resources/moa-spss/certstore/toBeAdded/msz-test-root-cert.der create mode 100644 src/main/resources/moa-spss/trustProfiles/test-trustprofile/msz-test-root-cert.der delete mode 100644 src/main/resources/moa-spss/truststores/test-truststores/MZS_ROOT_CA.pem (limited to 'src') diff --git a/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java b/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java index e96d851..6a5eb39 100644 --- a/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java +++ b/src/main/java/at/gv/egiz/moazs/config/MoaSigConfig.java @@ -2,19 +2,80 @@ package at.gv.egiz.moazs.config; import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService; import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.impl.SignatureVerificationService; +import at.gv.egiz.moazs.msg.MoaSPSSSignatureVerifier; +import at.gv.egiz.moazs.msg.SignatureVerifier; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import java.io.File; +import java.io.FileNotFoundException; + + @Configuration public class MoaSigConfig { + private static final Logger log = LoggerFactory.getLogger(MoaSigConfig.class); + + private static final String MOA_SPSS_CONFIG_FILE_PROPERTY = "moa.spss.server.configuration"; + private static final String JAVAX_SSL_TRUSTSTORE_TYPE_PROPERTY = "javax.net.ssl.trustStoreType"; + private static final String JAVAX_SSL_KEYSTORE_TYPE_PROPERTY = "javax.net.ssl.keyStoreType"; + + private final String trustStoreType; + private final String keyStoreType; private final String defaultTrustProfile; + private final String spssConfigFilePath; - public MoaSigConfig(@Value("${moa.spss.server.default-trustprofile}") String defaultTrustProfile, - @Value("${moa.spss.server.configuration}") String serverConfigUrl) { + public MoaSigConfig(@Value("${javax.net.ssl.trustStoreType}") String trustStoreType, + @Value("${javax.net.ssl.keyStoreType}") String keyStoreType, + @Value("${moa.spss.server.default-trustprofile}") String defaultTrustProfile, + @Value("${moa.spss.server.configuration}") String spssConfigFilePath) throws FileNotFoundException { + this.trustStoreType = trustStoreType; + this.keyStoreType = keyStoreType; this.defaultTrustProfile = defaultTrustProfile; - System.getProperties().setProperty("moa.spss.server.configuration", serverConfigUrl); + this.spssConfigFilePath = spssConfigFilePath; + fallBackToSpringEnvForMoaSPSSConfigProperty(); + fallBackToSpringEnvForJavaxNetSSLStoreTypeProperty(); + } + + private void fallBackToSpringEnvForMoaSPSSConfigProperty() throws FileNotFoundException { + log.info("value of spssConfigFilePath is {}", spssConfigFilePath); + + if(System.getProperty(MOA_SPSS_CONFIG_FILE_PROPERTY) == null) { + var realPath = determinePath(spssConfigFilePath); + var realFile = new File(realPath); + + if(realFile.exists() && realFile.canRead()) { + log.info("Set system property '{}' to {}", MOA_SPSS_CONFIG_FILE_PROPERTY, realPath); + System.getProperties().setProperty(MOA_SPSS_CONFIG_FILE_PROPERTY, realPath); + } else { + throw new FileNotFoundException("File '" + realPath + "' does not exist or is not readable."); + } + } + } + + private String determinePath(String abstractPath) { + if (new File(abstractPath).isAbsolute()) { + return abstractPath; + } else { + //resolve relative path as classpath resource + //java.lang.Class needs relative resources to start with "/" + return this.getClass().getResource("/" + abstractPath).getFile(); + } + } + + private void fallBackToSpringEnvForJavaxNetSSLStoreTypeProperty() { + if (System.getProperty(JAVAX_SSL_TRUSTSTORE_TYPE_PROPERTY) == null) { + log.info("Set system property '{}' to {}", JAVAX_SSL_TRUSTSTORE_TYPE_PROPERTY, trustStoreType); + System.getProperties().setProperty(JAVAX_SSL_TRUSTSTORE_TYPE_PROPERTY, trustStoreType); + } + + if (System.getProperty(JAVAX_SSL_KEYSTORE_TYPE_PROPERTY) == null) { + log.info("Set system property '{}' to {}", JAVAX_SSL_KEYSTORE_TYPE_PROPERTY, keyStoreType); + System.getProperties().setProperty(JAVAX_SSL_KEYSTORE_TYPE_PROPERTY, keyStoreType); + } } @Bean @@ -26,4 +87,15 @@ public class MoaSigConfig { public ISignatureVerificationService moaSigVerifyService() { return new SignatureVerificationService(); } + + @Bean + public SignatureVerifier signatureVerifier(@Value("${moa.spss.is-active}") boolean isMoaSPSSActive) { + if (isMoaSPSSActive) { + log.info("Moa SPSS is active. Signatures in SOAP Messages will be verified."); + return new MoaSPSSSignatureVerifier(moaSigVerifyService(), defaultTrustProfile); + } else { + log.warn("Moa SPSS is not active. Signatures in SOAP Messages will not be verified."); + return (signedXMLdocument) -> true; + } + } } diff --git a/src/main/java/at/gv/egiz/moazs/msg/MoaSPSSSignatureVerifier.java b/src/main/java/at/gv/egiz/moazs/msg/MoaSPSSSignatureVerifier.java new file mode 100644 index 0000000..6058279 --- /dev/null +++ b/src/main/java/at/gv/egiz/moazs/msg/MoaSPSSSignatureVerifier.java @@ -0,0 +1,34 @@ +package at.gv.egiz.moazs.msg; + +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService; +import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class MoaSPSSSignatureVerifier implements SignatureVerifier { + + private static final Logger log = LoggerFactory.getLogger(MoaSPSSSignatureVerifier.class); + + private final ISignatureVerificationService service; + + private final String trustProfile; + + public MoaSPSSSignatureVerifier(ISignatureVerificationService service, + String trustProfile) { + this.service = service; + this.trustProfile = trustProfile; + } + + @Override + public boolean verify(byte[] signedXMLdocument) { + + try { + var response = service.verifyXMLSignature(signedXMLdocument, trustProfile); + return response != null; + } catch (MOASigServiceException e) { + MoaSPSSSignatureVerifier.log.error("Could not verify the XML signature.", e); + return false; + } + + } +} diff --git a/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java b/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java index d6311c4..bf9a2d0 100644 --- a/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java +++ b/src/main/java/at/gv/egiz/moazs/msg/SignatureVerifier.java @@ -1,40 +1,13 @@ package at.gv.egiz.moazs.msg; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.api.ISignatureVerificationService; -import at.gv.egiz.eid.authhandler.modules.sigverify.moasig.exceptions.MOASigServiceException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; -import org.springframework.stereotype.Component; - -@Component -public class SignatureVerifier { - - private static final Logger log = LoggerFactory.getLogger(SignatureVerifier.class); - - @Autowired - @Qualifier("moaSigVerifyService") - private final ISignatureVerificationService service; - - @Autowired - @Qualifier("moaSPSSServerDefaultTrustProfile") - private final String trustProfile; - - public SignatureVerifier(ISignatureVerificationService service, - String trustProfile) { - this.service = service; - this.trustProfile = trustProfile; - } - - public boolean verify(byte[] signedXMLdocument) { - try { - var response = service.verifyXMLSignature(signedXMLdocument, trustProfile); - return response != null; - } catch (MOASigServiceException e) { - log.error("Could not verify the XML signature.", e); - return false; - } - } - +@FunctionalInterface +public interface SignatureVerifier { + + /** + * Verifies the signature of a signed XML document. + * @param signedXMLdocument + * @return true if the signature is valid; false if there is no signature, if the signature is invalid, + * or if an exception occured. + */ + boolean verify(byte[] signedXMLdocument); } diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml index 61c7dba..961f437 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml @@ -69,9 +69,20 @@ logging: level: root: WARN org.springframework: WARN - at.gv.egiz.moazs: INFO + at.gv: INFO #DEBUG + iaik: INFO #DEBUG + +# default type for java's ssl key/trust store +javax.net.ssl: + keyStoreType: jks + trustStoreType: jks ### moa spss config -moa.spss.server: - configuration: file:./moa-spss/MOASPSSConfiguration.xml - default-trustprofile: test-trustprofile +moa.spss: + is-active: true + server: + # path that points to MoaSPSSConfiguration file; can be: + # - absolute path (unix: starts with /), or + # - relative path (otherwise, relative to application's class path) + configuration: moa-spss/MOASPSSConfiguration.xml + default-trustprofile: test-trustprofile diff --git a/src/main/resources/moa-spss/MOASPSSConfiguration.xml b/src/main/resources/moa-spss/MOASPSSConfiguration.xml index edaaf8a..d2425b4 100644 --- a/src/main/resources/moa-spss/MOASPSSConfiguration.xml +++ b/src/main/resources/moa-spss/MOASPSSConfiguration.xml @@ -41,7 +41,7 @@ test-trustprofile - truststores/test-truststore + trustProfiles/test-trustprofile @@ -64,10 +64,5 @@ - - - SL20Authblock_v1.0 - profiles/SL20_authblock_v1.0.xml - diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer new file mode 100644 index 0000000..eb051dc --- /dev/null +++ b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-01-20140701-20240701.SerNo144ddd(SecureSignatureKeypair).cer @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEUzCCAzugAwIBAgIDFE3dMA0GCSqGSIb3DQEBBQUAMIHPMQswCQYDVQQGEwJB +VDGBizCBiAYDVQQKHoGAAEEALQBUAHIAdQBzAHQAIABHAGUAcwAuACAAZgD8AHIA +IABTAGkAYwBoAGUAcgBoAGUAaQB0AHMAcwB5AHMAdABlAG0AZQAgAGkAbQAgAGUA +bABlAGsAdAByAC4AIABEAGEAdABlAG4AdgBlAHIAawBlAGgAcgAgAEcAbQBiAEgx +GDAWBgNVBAsTD0EtVHJ1c3QtUXVhbC0wMTEYMBYGA1UEAxMPQS1UcnVzdC1RdWFs +LTAxMB4XDTE0MDcwMTExMjExNVoXDTI0MDcwMTA5MjExNVowgc8xCzAJBgNVBAYT +AkFUMYGLMIGIBgNVBAoegYAAQQAtAFQAcgB1AHMAdAAgAEcAZQBzAC4AIABmAPwA +cgAgAFMAaQBjAGgAZQByAGgAZQBpAHQAcwBzAHkAcwB0AGUAbQBlACAAaQBtACAA +ZQBsAGUAawB0AHIALgAgAEQAYQB0AGUAbgB2AGUAcgBrAGUAaAByACAARwBtAGIA +SDEYMBYGA1UECxMPQS1UcnVzdC1RdWFsLTAxMRgwFgYDVQQDEw9BLVRydXN0LVF1 +YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmhgdxIbxTGEOH +fXGiewI3NFldAWKFWfLofO+5I1UbvA5avt7IgsGXz/tI/f5HGUbascI0i7xG0tqV +lA5ctQgLRqxgxHtgTkMcqsAEYdsz3LZsCdXO1QrvEBGLTSABdxiL/gSWJ6z77CSw +x7Xg02HwxPV82cjGkSF3ENGJntuIAAnRDWn/ORHjFatNRymoMbHaOEZXSGhf7Y5F +rrHEqGyi9E6sv784De/T1aTvskn8cWeUmDzv//omiG/a/V9KQex/61XN8OthUQVn +X+u/liL2NKx74I2C/GgHX5B0WkPNqsSOgmlvJ/cKuT0PveUgVFDAA0oYBgcE1KDM +lBbN0kmPAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEs8jB2F +6W+tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAQIN9LZbMivO9 +kWLDlDI9cTEIPpRXmgNdaBQRUpZc2ML0vDW6OVI90r8GxFQTE/I7HjrvuqQDTEL1 +qd8tthiazsLYI5eDX1CtJEFFtg25Y9t3tK2HsShb8sCj798hoXsOMFR9qhp5Fjb8 +TX4CVuQ3sK1TKeNlDmpAx6SqkYYT0CCMccsxt2j89ED8Z+B/yW19OZQk3BFDigYL +46YsLKAC96ItFpUOs8ZbAUfUlpVA6G+09EMcDxOcuD/ebLx6I/ynwYAtqYXaizsY +KTE35A3M2ghfGFJ+DlQoh3Bn/RG01LKXXgaVTHHMvvpxBp55wz2SocD/PpFe+D6Q +C016YgTrrQ== +-----END CERTIFICATE----- diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer new file mode 100644 index 0000000..be29fb6 --- /dev/null +++ b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-02-20140701-20240701.SerNo144de4(SecureSignatureKeypair).cer @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIIDyzCCArOgAwIBAgIDFE3kMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB +VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp +bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1 +YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTIzMzNa +Fw0yNDA3MDEwOTIzMzNaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz +dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy +a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDIxGDAWBgNVBAMMD0Et +VHJ1c3QtUXVhbC0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJaR +q9eOsFm4Ab20Hq2Z/aH86gyWa48uSUjY6eQkguHYuszr3gdcSMYZggFHQgnhfLmf +ro/27l5rqKhWiDhWs+b+yZ1PNDhRPJy+86ycHMg9XJqErveULBSyZDdgjhSwOyrN +ibUir/fkf+4sKzP5jjytTKJXD/uCxY4fAd9TjMEVpN3umpIS0ijpYhclYDHvzzGU +833z5Dwhq5D8bc9jp8YSAHFJ1xzIoO1jmn3jjyjdYPnY5harJtHQL73nDQnfbtTs +5ThT9GQLulrMgLU4WeyAWWWEMWpfVZFMJOUkmoOEer6A8e5fIAeqdxdsC+JVqpZ4 +CAKel/Arrlj1gFA//jsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E +CgQIQj0rJKbBRc4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBh +MfOINQm4XpzF6DmkOmb/ArSXHf5LObqFmIMooNr2TkyzrUTK/NE+mdrm15Rfdts7 +kZVq/ICfQSFeaPvWaAVq4plH/26OjvMTVv7DfgfPBUxDWqlCuDnDnPAVQ+yo/o5i +BA5uUlMbp5znbDtlxwF/5gWqcn/hKxSUCP1uiOPIlKfeVvsRmBcJAdoixTM/Ic10 +pavJMGOI20onArvQZAUEbXQLA8cs8naxfF6Bo36U9nk6wn7q8VPXhViekByd17F6 +9A+ah0Iqw4SPf9BqNRIe1YxxjDhCmjWt3aoyE3ZFBuGjW+r2ipb/vGU1+2oyy2Fd +2dMmiMQ7gGhWX9X6gWLd +-----END CERTIFICATE----- diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer new file mode 100644 index 0000000..e1100c7 --- /dev/null +++ b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Qual-03-20140701-20240701.SerNo144df5(SecureSignatureKeypair).cer @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIIDyzCCArOgAwIBAgIDFE31MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB +VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp +bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1 +YWwtMDMxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMzAeFw0xNDA3MDExMTMwNTZa +Fw0yNDA3MDEwOTMwNTZaMIGLMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz +dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy +a2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1YWwtMDMxGDAWBgNVBAMMD0Et +VHJ1c3QtUXVhbC0wMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOe +JIgc0s9AA0hqqqWgK72W9XwKn5+rUJDbQc5WgHkqwP2TU3qcW/NZYSSIY6PVGO6b +hHSEnOyMPdrBhnpvNi4m6349yT6t565LdHcoKyQg/youwpVkEPZ+e8O32hF9nqvt +L4wZohydjMwzcHUJB/5e+0CkJYwv/bVRZzqoK0yf1midYJukxWOw7nDNKD9KdOpZ ++XXFAAZuH7BjwSqqE138y9JlGzkxIlrCeSJdGfFLwr7OHIgBdPEmQXcyOcaMUGjP +U4VDig+gj+6OC5KjAEC+wKJZXiyhRLj+HyLTDLrQ6O8p5HI3Sov4FuwiMgcqIyzz +o9fNyqmnT3K/vBGOqBsCAwEAAaM2MDQwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E +CgQIRgbfN/LCNxAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBy +jA/CmId9oz8sy4rwEklti+8TLS/aLHkiMqUmKjuHyT/6mz4Qh4fLfAAEv8iGSZiW ++7+Gv7HTcuEEdyNNhUmMGJLSQA/3KBjlttHXLiG943wnvcZf3LtkFc+8Ia5N3bNS +BM6q7/OFKHSS+iHcAJ8XS6SnLITYRyfo0thsXBaHpkTUkEP0uJY+yoE/EcBkvsGX +drLIawu8YOrNZvs3S6Ag0ex5brIdqiNtlUGwRxpLwssfBho5K0NqpXAloHT9kHBd +rGb2GrVdLIesuVivSP9zq09M8bcm3jDPCHv5bcudPZVX7rkr79VphgLfKlINA4Fw +VxCuPLXx/4sCfANQtvuY +-----END CERTIFICATE----- diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer new file mode 100644 index 0000000..b9a0e5a Binary files /dev/null and b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer differ diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Test-Root-05-20141215-20241209.SerNo165fae.crt b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Test-Root-05-20141215-20241209.SerNo165fae.crt new file mode 100644 index 0000000..9befb53 --- /dev/null +++ b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-Test-Root-05-20141215-20241209.SerNo165fae.crt @@ -0,0 +1,34 @@ +-----BEGIN CERTIFICATE----- +MIIF3TCCA8WgAwIBAgIDFl+uMA0GCSqGSIb3DQEBCwUAMIGVMQswCQYDVQQGEwJB +VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp +bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR0wGwYDVQQLDBRBLVRydXN0LVRl +c3QtUm9vdC0wNTEdMBsGA1UEAwwUQS1UcnVzdC1UZXN0LVJvb3QtMDUwHhcNMTQx +MjE1MTMwMDQ1WhcNMjQxMjA5MTIwMDQ1WjCBlTELMAkGA1UEBhMCQVQxSDBGBgNV +BAoMP0EtVHJ1c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUgaW0gZWxla3Ry +LiBEYXRlbnZlcmtlaHIgR21iSDEdMBsGA1UECwwUQS1UcnVzdC1UZXN0LVJvb3Qt +MDUxHTAbBgNVBAMMFEEtVHJ1c3QtVGVzdC1Sb290LTA1MIICIDANBgkqhkiG9w0B +AQEFAAOCAg0AMIICCAKCAgEApv3ETyDuseYGvBXgJSiAe7q2dvKtcxlHGlEdEWKv +YUODdXiTIIcwuIU0+F8ybvoQdEVPGDsdzShhXKgMfdGY5WF1BslCgjwcr4h6GWgt +cSkXXFIYVV5GCrac4DhM60EvtXpadi8dNMu7dUKZjqES9UPC6Gc5H6fadauLaV6b +DbNrJufXUditjEbhqj5uX3u4/+nFRH8g1DiQm5RCC3ttVe0/7buJipErVQ9Sbhzk +hkFlzLbph2s2hiEP8NB5tXM3ffxmJ2Yv98+U1Ec0iXvsoGhqRyZVn1huTi+9PJnP +IyPfXDkqWv49E/WeZsaZ48kdVx9xIC6OVYF0GCDsKjsKWN+4xL6/eYvSnyIBij/A +e1T3wkLhp+bDyqxnvDatMlWchfbZxicvzr83c8SGt81RBekwbG/HGPRE4x5DnTkQ +67DTMzMSmW+FAJdZG2Ofsg9+D+v+iqRD310maLABtko3e+xm601FS8d0lDFJVGgG +36IB+ZrUIXmLfOIQjlF/yx566oUmSif3QRgmnSuNtunffXHBbL0qFAiEDwwHg41t +zBiSswKRWa5J/BMIung+6T8gw5kY3c3yJ+pUip4J2oeVa9jZlO/AY7k5BCeGh5Ky +zu22GMQIp9ulIIfUKx8jcnhtDy07UEmaWqv3rVsqKWF9v9B4z2SMiH1oFEgrNAxi +v98CAQOjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEQv+xQJkonQMA4G +A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEASO7M8elac5VTP+FjuL1S +nS72NaIP/RGYmw6967irlG5qQ0cGmCZO5J8SsL7xc3BMofMQMbrsGEryO1F4Y95B +o419IzqPb8sYHlx1Du+F2D01qXBmGP/NcqQIo9twLa+man16l7SFF/iNof2axigM +TUcWzqHUxtSjCPoU44qTsi8vVuQKRP8gMGlVCty0joc0gEW8PqKiMaKxI+tglVA6 +czwvPXfk9pJkL3hhDg/p59iKJTkEKIDtvugrZ4ZqOCBL5xv1Tar3BMBAKSfl/YoQ +/p6ATGlKkjSbMyU7vUGxXldNALHkezxFufuDZEF/erp3hCVADbQMKgyM7Diu6cKB +0s4+POeTQoSQ2dnMQJdgAfeGcd3twy2s/M/xHAVGPAPIQWH7ppVcs6AbVXQabHxJ +YZU7G2ct8Se0r8RLq+iRYrWhFKl8mmVBNwK2WJhjWPv2fqM1xYtbbwH6zoV/Sf8j +uIbx/5A/MJo/4s/9ciafJLVzLvkOh6Bhf310TAxyB9mDiL00KAuVTDtwYfzo1+jw +0bInpPqTCkgszn0LbajeaEIc7lQ7neY0gmMqDvnhA+5LyHJXuX5tDF+1/KDijlLs +p/k1/YZfe1Ai1+gcRoAlp2O80tKaJWZPkf8POffyIkSxJbHlKF6r3TWs7JYr+YUi +lm2dyCqZ9RUD5ZN2YRntJoo= +-----END CERTIFICATE----- diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer new file mode 100644 index 0000000..e90f5f2 --- /dev/null +++ b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-01-20140701-20240701.SerNo144dc3(CertifiedKeypair).cer @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDXTCCAkWgAwIBAgIDFE3DMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNVBAYTAkFU +MRAwDgYDVQQKEwdBLVRydXN0MRkwFwYDVQQLExBBLVRydXN0LW5RdWFsLTAxMRkw +FwYDVQQDExBBLVRydXN0LW5RdWFsLTAxMB4XDTE0MDcwMTExMDk1NFoXDTI0MDcw +MTA5MDk1NFowVTELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB0EtVHJ1c3QxGTAXBgNV +BAsTEEEtVHJ1c3QtblF1YWwtMDExGTAXBgNVBAMTEEEtVHJ1c3QtblF1YWwtMDEw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD/9RyAEZ6eHmhYzNJ328f0 +jmdSUFi6EqRqOxb3jHNPTIpK82CR6z5lmSnZQNUuCPD+htbNZffd2DKVB06NOyZ1 +2zcOMCgj4GtkZoqE0zPpPT3bpoE55nkZZe/qWEX/64wz/L/4EdkvKDSKG/UsP75M +tmCVY5m2Eg73RVFRz4ccBIMpHel4lzEqSkdDtZOY5fnkrE333hx67nxq21vY8Eyf +8O4fPQ5RtN8eohQCcPQ1z6ypU1R7N9jPRpnI+yzMOiwd3+QcKhHi1miCzo0pkOaB +1CwmfsTyNl8qU0NJUL9Ta6cea7WThwTiWol2yD88cd2cy388xpbNkfrCPmZNGLoV +AgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECE5ZzscCMocwMA4G +A1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAO3hBdwsNQOtYOAlC2PKT +sdNexKqMefFGrGDYIEAflaudwpcqUgv7fLLhMNRMT+BcXtqXtfNHGsll2GwseuMq +C02bPUmbfNV4P9djIz/s6qqvNQaQneFzhuXn+i0YQ10sFFVeIL3qrBMl1lwBeQ64 +/GyvrbGiHuuagEUc25CDrUqni+b+azaPUsRG6IXkIWG0H6WIMqtxIdHzAV/1raKh +PKot1VhG2rivf1cBBGXU/0VSYBitXrLNwXwlX2ad0WiFHUF8RS9F3j2vVSYMfxer +NPNaRLtCkHNSqCIDkMmmHJKbJbKJzMaZYmX2i2nc16HCpE/gbQc3etQCl3GvzO88 +xw== +-----END CERTIFICATE----- diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer new file mode 100644 index 0000000..2284687 --- /dev/null +++ b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-03-20140723-20250723.SerNo14b4f9.cer @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIIDzzCCAregAwIBAgIDFLT5MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB +VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp +bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R +dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwMzgy +OVoXDTI1MDcyMzA4MzgyOVowgY0xCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy +dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52 +ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMM +EEEtVHJ1c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQCtPWFuA/OQO8BBC4SAzewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUj +lUC5B3ilJfYKvUWG6Nm9wASOhURh73+nyfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZ +znF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPESU7l0+m0iKsMrmKS1GWH +2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4iHQF63n1 +k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs +2e3Vcuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYD +VR0OBAoECERqlWdVeRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC +AQEAEoykPeAA/6iKm6YnfxsSHFe+Dtian2yAH8L2TqMdcHeSB/7L1x73uuDeYku1 +hbKQAXnfXntf8R+VgjQBTww0aDb5164netYcFbK0g8uVWVCqOl8wf3JbAUxHS9br +cFKks+CJKPr6qQ6H+sb1o9127c9IQSZYP3S/gMAaGw0cSTlsnosE0P5Ur5vHsapm +FV3V+VOjYNs2GLSu4XQCYvSIpsfDJp8VsJ/BMYS9GqGvQ/9qGa0fwEbEMadb5mcJ +tw/EKg4gJthMgxOfO5eVuCQ3PAEWOe5lrOrTdvTIlhphUuns5hoIdlyLuNqewK3s +FJ6N46sU7LjJLqSKYEB8usoIiw== +-----END CERTIFICATE----- diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer new file mode 100644 index 0000000..33e7763 Binary files /dev/null and b/src/main/resources/moa-spss/certstore/toBeAdded/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer differ diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Premium-Test-Sig-02.20141124-20241118.SerNo3969edc1.cer b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Premium-Test-Sig-02.20141124-20241118.SerNo3969edc1.cer new file mode 100644 index 0000000..1bb4494 Binary files /dev/null and b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Premium-Test-Sig-02.20141124-20241118.SerNo3969edc1.cer differ diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Premium-enc-02.20140701-20240701.SerNo144dfd.cer b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Premium-enc-02.20140701-20240701.SerNo144dfd.cer new file mode 100644 index 0000000..6c0c042 Binary files /dev/null and b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Premium-enc-02.20140701-20240701.SerNo144dfd.cer differ diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer new file mode 100644 index 0000000..04627da --- /dev/null +++ b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-SSL-03.20140723-20240723.SerNo14b4fd.cer @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEdzCCA1+gAwIBAgIDFLT9MA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJB +VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp +bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5R +dWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5RdWFsLTAzMB4XDTE0MDcyMzEwNDIw +NVoXDTI0MDcyMzA4NDIwNVowgYcxCzAJBgNVBAYTAkFUMUgwRgYDVQQKDD9BLVRy +dXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0ZW52 +ZXJrZWhyIEdtYkgxFjAUBgNVBAsMDWEtc2lnbi1TU0wtMDMxFjAUBgNVBAMMDWEt +c2lnbi1TU0wtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMjPM6 +PqgdPBPV4Efudpytt2Y4GZJfjeRdZo5SCuULDvvL+23xxBWnR3scFvfE1ekHN/YK +k+2/qhU2B2ntoSNJSyDchNM8YPc9Lx67zZyhQTZgbBzh3IZAVb/hwuRRRV68JCBj +r3r6v7IbwjH5XcVISdB4szx0z93aAQyKW9QkV+tD5a1vWFETvdHsZeVmDzfqcdsG +AznPJw+9HrImCsswCWYUgPcFRkPNjj2r2NoyckVN781aWmNTAqJPf/Ckj9l9pUIt +Vjhy8XNJW4iVDBkkykBXcGSkIau0ypJrRjsD1jKqUTIRZ/y2HlyltmwWi8OuyBLd +LaHDbjc0b6JmqoivAgMBAAGjgeMwgeAwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4E +CgQIQD6h02K0A90wEwYDVR0jBAwwCoAIRGqVZ1V5EU8wDgYDVR0PAQH/BAQDAgEG +MIGUBgNVHR8EgYwwgYkwgYaggYOggYCGfmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQv +b3U9QS1UcnVzdC1uUXVhbC0wMyxvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJl +dm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1 +dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAbHQvTl94ommGFln3s6wmd/tr6r5R +3FR3A7O/uiGEAqm/7B84KGkTmKHhChGMiCiMcBSGtMx1IaO+t7gimLtRL57wgeIf +k6nsgcbBioh0nO12XDagdtj75Dr7buEFyQvFdfydi5cAwScLW+YYxtwDni9/debd +ypFKeCRxdCX12n0oFQDPJf8YvE4CaDitBJCQrZdJBDpB6muF8mpNq8CIuyTPIBZX +RPKJNfIraKq/Xi7tuLkvWVGVsSqJeTvP++05Tvv/44+XBpCp3sUrjsb0G0Mj90PG +SnAapsrgzDzLO/LQ8vrB9H2oRM4iYfUxu/dKSOBVXa3WQzsLBL0/9zZ30g== +-----END CERTIFICATE----- diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-SSL-03.cer b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-SSL-03.cer new file mode 100644 index 0000000..a699436 Binary files /dev/null and b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-SSL-03.cer differ diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Test-Premium-Sig-05.20141215-20141209.SerNo165fb8.crt b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Test-Premium-Sig-05.20141215-20141209.SerNo165fb8.crt new file mode 100644 index 0000000..ee17cdb --- /dev/null +++ b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Test-Premium-Sig-05.20141215-20141209.SerNo165fb8.crt @@ -0,0 +1,36 @@ +-----BEGIN CERTIFICATE----- +MIIGQTCCBCmgAwIBAgIDFl+4MA0GCSqGSIb3DQEBCwUAMIGVMQswCQYDVQQGEwJB +VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp +bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR0wGwYDVQQLDBRBLVRydXN0LVRl +c3QtUm9vdC0wNTEdMBsGA1UEAwwUQS1UcnVzdC1UZXN0LVJvb3QtMDUwHhcNMTQx +MjE1MTMxMDE5WhcNMjQxMjA5MTIxMDE5WjCBoTELMAkGA1UEBhMCQVQxSDBGBgNV +BAoMP0EtVHJ1c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUgaW0gZWxla3Ry +LiBEYXRlbnZlcmtlaHIgR21iSDEjMCEGA1UECwwaYS1zaWduLVRlc3QtUHJlbWl1 +bS1TaWctMDUxIzAhBgNVBAMMGmEtc2lnbi1UZXN0LVByZW1pdW0tU2lnLTA1MIIC +IDANBgkqhkiG9w0BAQEFAAOCAg0AMIICCAKCAgEAq9PRwApA35K3LT0p5IYtNZMS +BFJsIkzjgF4FRQ36PtxeNsPL6iPgfFjWLZzVT1arHrC6ciz97haDWEN5Jq+aVaZp +gvFtvqZXlwYOWP0sshQg1aP7zrfH/N6yqjkrXHyzgmSz3SVIbdj5CqUJz/+94FCR +cA8XkQ3WZAjSkRB+MSIY8umftkmJOVAstaG28OEtpmqwBLRh/QGcNZzfhyrPS2Ls +5BAKQW9SBb1nXn8JOHq0Bd8zHShHbny9X/qT0xqeFfwItZWiW7iu3LgbGqfB3J4d +s+9iecwHDsmYdSb2quGmzJXejmvktFZte9dlF7BuBqier+R3/czdLteRems5S9Ka +hlP3+f3CnFwKihyVMhnuf5HyhCo1Fvrt+igWtNnos38qzB5RzRTJXnvZyrtTJMQE +/8ZuV2B12Oaf0AQjt+o/SPKeaTBX2yes0S1xbQy7xJzNhgBJ2Ir3OI6SoOooVN+9 +kQuzD7NsJBJzIy4dHCvOgs0C1ro8DROaV3Usn58eYOkLDrPGpEBmFq7GnsxnbeEh +5zzlgh00R9cy5PxiO40U+KxnTmQl+/vc9i1plDLsTRePeThKgS0UOIRZP7voYKdu +IJaEzufNXUxZbCc9Mq3V552BmRPhL9Ouf/bfaVMmkY4p7BdU57stxDfVwG9biujj +AVPA7DeRm+S0kzWRq0kCAQOjgY0wgYowPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDov +L2NybC5hLXRydXN0LmF0L2NybC9BLVRydXN0LVRlc3QtUm9vdC0wNTATBgNVHSME +DDAKgAhEL/sUCZKJ0DAPBgNVHRMBAf8EBTADAQH/MBEGA1UdDgQKBAhB0SNOEjM1 +3jAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAEiqm52uEL2giMCy +8i1tIbqKP3SeJnYxhJgN4d3caWqfE1CoEUQjsN8t7sF866TOYJMrQ+/dS8bUqNiG +x4vvPrDq3DUSyKflgPaz+36xtB4BTlIiYTzio7Tnv+d5n+MsM6c/rijJzRx38FLM +tZTAfr7dXv5KxrfYrrEnPrGg0gMlYqX3rB1TKQnPx5qG3e2YXc6tdvDeXhh9cXj3 +76VJony7iV0ccKWNXRRNx1X0po/Luu6EMD/5czArtmO0KmGXO3gK3Fy7pxUbdBra +nSJNsY+Fv4X3zqf5n9ZM4Yut7KSqBiQbuMmIzLZkICJOWN5t9mOTStgmZjGqBdQN +sRuVinaLxA88Fd32ZmFxbagOLeKEXPTQT/ERbDOjhShY6jA2/LkIcg9mwDDOubsp +FcZaYlyXmvD+HNVxL5B4BGDWoGHmCxaj+bcYP4U797bpE90sTnMIQd6JoYEMQSIy +Re0S4jKIOkCqBDkPBIXZf/IizTvJiQoFUtT7civFYhcUHDOcWs69NUU3F6sEBZmq +C1uIRm7zD6FUPNpVcfVIeqcfWsnx5bSKwheh9Dk/A3eTmxjpodV4tIq6BfCLdq52 +85dumPB4zz/EmCuZ0hwy9/TJwaogVMqicvr1/pQXDM7T6fCM0vK9w/e4ejmX61TK +6MsTXFjxlwpIacl4fkAxk6L22xfB +-----END CERTIFICATE----- diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Test-Qual-01.20141117-20241111.SerNo16120f.cer b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Test-Qual-01.20141117-20241111.SerNo16120f.cer new file mode 100644 index 0000000..60bc9a5 --- /dev/null +++ b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-Test-Qual-01.20141117-20241111.SerNo16120f.cer @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID2zCCAsOgAwIBAgIDFhIPMA0GCSqGSIb3DQEBBQUAMIGTMQswCQYDVQQGEwJB +VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp +bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRwwGgYDVQQLDBNhLXNpZ24tVEVT +VC1RdWFsLTAxMRwwGgYDVQQDDBNhLXNpZ24tVEVTVC1RdWFsLTAxMB4XDTE0MTEx +NzA3NDAzNloXDTI0MTExMTA2NDAzNlowgZMxCzAJBgNVBAYTAkFUMUgwRgYDVQQK +DD9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4g +RGF0ZW52ZXJrZWhyIEdtYkgxHDAaBgNVBAsME2Etc2lnbi1URVNULVF1YWwtMDEx +HDAaBgNVBAMME2Etc2lnbi1URVNULVF1YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQD4TRgyXzhxJ2AkndX0RPY771f64dsJrReEeuShLRK5io0B +kJWc4t7wuD1B98cJ0MUPlMmOJ2Ckc/vuLhQUyY3qEUmhMhixCUIcdHQ5yH3H0yMV +HxyJxAG83fE8M25kpKA4TzzMW8KPd2S63wbpPElyEy7vrllrLxvdQRSDpMZMvRg8 +fvoDGAehxsnKKwlXZuMq1aSBzfMz3cMBDKxvqzDIz7yC1iWNkdiwog3a5a5PbViK +shhZ0h+bx9WFDpiN6ooPQgcGhjD+NqIDoiOr7CUFHp+HiC6xIsEFJaBHTf3dRZ61 +0r1FDABx0Yj8+wlXSQLYq/1nR/QMwsvH0Cz1qYTPAgMBAAGjNjA0MA8GA1UdEwEB +/wQFMAMBAf8wEQYDVR0OBAoECE8h1CulBqTdMA4GA1UdDwEB/wQEAwIBBjANBgkq +hkiG9w0BAQUFAAOCAQEAimFu+xTm3UdyU+fO+2hz4DS20OGSC9NBDkorjzhRPWoZ +IVhUi6yH5drqSBm4/2ZYS1Ba5npzfyJwm+cLO28ljxAApfRHlbN0y83hKv7c0I7g +zWTMRs8X8ar5Gd7d4O5jpC4PAaZ1ozSDoE06U5im6YMLaJy/0QYvf5EQBMvLdeoc +d1vl17JYKYqYzcX2dvayikrfiglFqDaZZ66yJPBSuiyNhXpPkbXsOoyyTPtV/0Bh +eKIQiQyJID5aZtR7D4fBAzKdp5wB9KLQXBZ80hrwqrIuy+ME0tFaBWYBi8dzQ1iq +/E3Qz0USfGmxPMm8y/zRqsDvxZCRiSuvzBkOXbGMdA== +-----END CERTIFICATE----- diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-corporate-light-02.20140905-20240905.SerNo153B49.cer b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-corporate-light-02.20140905-20240905.SerNo153B49.cer new file mode 100644 index 0000000..e4bd48d Binary files /dev/null and b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-corporate-light-02.20140905-20240905.SerNo153B49.cer differ diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-premium-sig-02.20140701-20240701.SerNo144e10.cer b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-premium-sig-02.20140701-20240701.SerNo144e10.cer new file mode 100644 index 0000000..74c4ce3 Binary files /dev/null and b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-premium-sig-02.20140701-20240701.SerNo144e10.cer differ diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-premium-sig-03.20140701-20240701.SerNo144e13.cer b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-premium-sig-03.20140701-20240701.SerNo144e13.cer new file mode 100644 index 0000000..6c50ec0 Binary files /dev/null and b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-premium-sig-03.20140701-20240701.SerNo144e13.cer differ diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-test-premium-Enc-05.20141215-20141209.SerNo165fb7.crt b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-test-premium-Enc-05.20141215-20141209.SerNo165fb7.crt new file mode 100644 index 0000000..9ea6d0c --- /dev/null +++ b/src/main/resources/moa-spss/certstore/toBeAdded/a-sign-test-premium-Enc-05.20141215-20141209.SerNo165fb7.crt @@ -0,0 +1,36 @@ +-----BEGIN CERTIFICATE----- +MIIGQTCCBCmgAwIBAgIDFl+3MA0GCSqGSIb3DQEBCwUAMIGVMQswCQYDVQQGEwJB +VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp +bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR0wGwYDVQQLDBRBLVRydXN0LVRl +c3QtUm9vdC0wNTEdMBsGA1UEAwwUQS1UcnVzdC1UZXN0LVJvb3QtMDUwHhcNMTQx +MjE1MTMwOTAwWhcNMjQxMjA5MTIwOTAwWjCBoTELMAkGA1UEBhMCQVQxSDBGBgNV +BAoMP0EtVHJ1c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUgaW0gZWxla3Ry +LiBEYXRlbnZlcmtlaHIgR21iSDEjMCEGA1UECwwaYS1zaWduLVRlc3QtUHJlbWl1 +bS1FbmMtMDUxIzAhBgNVBAMMGmEtc2lnbi1UZXN0LVByZW1pdW0tRW5jLTA1MIIC +IDANBgkqhkiG9w0BAQEFAAOCAg0AMIICCAKCAgEA2YDEweWMfTpWbHjFwzPl5tri +jaL4tmhuHQzuSAEO080+m5Dc38Rj5xHf1MNCxvAx18+3A+b0WDDhtdJh+SXVxAQq +/VhnaOFcdlvun0/4+l4Xynf6xd0r8WfQgnTAER4iFzGoWnOFQZqF3JGsx0mxd5Ss +6kbs+4Gd/FmdAD09qTb+e3FtQC9aszVb5j57LB14Ka+iVXMEFq6J1uvvdjIcwbeL +7gOGOLzn9dArFT4bfMIE/gBOJnY3Ulp16jOMGb2sY+9u9rGJ84jSpYKEsL+RBoJr +23O5rfdrVi/+fWC0QaDqwhI46lLr9Erkk7NjEeElZ+Tj2A5KK4K0FNvzAIqxki1Z +/MQcBfknbq9jxUZs4zUl9QA7ufCqmFhi4qQxycEfUEXsTFlya2IgWqavA1OFZ7Ww +tJQOR/EQUvtH/fIE7nompnxzWxi1iAvVkv0OEsAYVRd9ldviLl9wLzpQoOPvwc/B +kRLvriWH/Bjyc8+SeAfK92ZRHh+a1HBsX7XKuZwKJ/pVKF4EtalbZXlSuQau/Mc0 +ImS49AL/GjfShp/IhGHfBQbTjR3vhZfakG6wvSFnGaRt2ohxMHb0fSK7xNrDpfNV +Orloh77ry44C4jjQIairRW1l4CLilbitKpHO4VtZ443w25fud2FapvdesoUfHogV +KTce4dGvW3jrN7/8TRUCAQOjgY0wgYowPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDov +L2NybC5hLXRydXN0LmF0L2NybC9BLVRydXN0LVRlc3QtUm9vdC0wNTATBgNVHSME +DDAKgAhEL/sUCZKJ0DAPBgNVHRMBAf8EBTADAQH/MBEGA1UdDgQKBAhH2pAliBnO +GzAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBADDqJFkkBD6tUmiu +L45YlXWKogD5eUfM+xnNVdg60M4HXHksVGT49CiY1vWzuLwUD3CXQ1W7yBKnLB5b +GcoaHNgZDhNskYJCZu9K0g8oqNEN3Hb2QoKqyCaOlKV0dXILq/3SbdcXvUkUPS9K +nWkX48tVMcw3OAmRYKwBK6tkUBwVw0VJ49sT+9qgPGCb8HYafSjCTnb3kdKGYK7a +0E6eVBjYf6WcMfvCIYma5Zi4fx7U0K6RN8xJvhRHAZK3uJphk1QciAIxViFIPnex +htgywJNHRautIsDbRGwdDVOUB6VdCFF19HnO9C4p2+pggCi9nT/I4CklZGZ5Q0VB +j9knsSFXYMY9QFGm3feiVIXAy2Pp7IMB21KNZKgqCLQRgANNdvkWwO97lcxpmocS +/p9LIEYDpa9tIvBrTiK39hUixeQaMhvlrSN3H49NqoxsStv8UEvSbjLJAuOcK1oV ++IWA8RbBwippM45729X7nGdPUbxys+rn7F04WNe+oQN96hKX4VJ6OCANz1bca6LV +sPtkFej+SLbpALVH3YvP4ct1UQms3UnuN9m1A0ceB4u4KroHBHlSGLB6K3UI3E42 +cYVaGrbflSvwwXxCHUvrCeL+eNKgI2Vyt29aHVJO0OMAS03Eb1PcygeNU4h6t+CS +UBU+/OTtSQGrLe+kMKP6uBO/cMhv +-----END CERTIFICATE----- diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt b/src/main/resources/moa-spss/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt new file mode 100644 index 0000000..ebfbce9 Binary files /dev/null and b/src/main/resources/moa-spss/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt differ diff --git a/src/main/resources/moa-spss/certstore/toBeAdded/msz-test-root-cert.der b/src/main/resources/moa-spss/certstore/toBeAdded/msz-test-root-cert.der new file mode 100644 index 0000000..3e136d4 Binary files /dev/null and b/src/main/resources/moa-spss/certstore/toBeAdded/msz-test-root-cert.der differ diff --git a/src/main/resources/moa-spss/trustProfiles/test-trustprofile/msz-test-root-cert.der b/src/main/resources/moa-spss/trustProfiles/test-trustprofile/msz-test-root-cert.der new file mode 100644 index 0000000..3e136d4 Binary files /dev/null and b/src/main/resources/moa-spss/trustProfiles/test-trustprofile/msz-test-root-cert.der differ diff --git a/src/main/resources/moa-spss/truststores/test-truststores/MZS_ROOT_CA.pem b/src/main/resources/moa-spss/truststores/test-truststores/MZS_ROOT_CA.pem deleted file mode 100644 index 57963bd..0000000 --- a/src/main/resources/moa-spss/truststores/test-truststores/MZS_ROOT_CA.pem +++ /dev/null @@ -1,35 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIGGTCCBAGgAwIBAgIUEzQUFWuzrC0F4mODQYgPZ/Lhq04wDQYJKoZIhvcNAQEL -BQAwgZMxCzAJBgNVBAYTAkFUMRAwDgYDVQQIDAdBdXN0cmlhMQ0wCwYDVQQKDARJ -QUlLMQ0wCwYDVQQLDARFR0laMSMwIQYDVQQDDBpFR0laIENSQUJFTlNURUlORVIg -Uk9PVCBDQTEvMC0GCSqGSIb3DQEJARYgY2hyaXN0b2YucmFiZW5zdGVpbmVyQGVn -aXouZ3YuYXQwHhcNMTkwNDIzMTQwNTU2WhcNMzkwNDE4MTQwNTU2WjCBkzELMAkG -A1UEBhMCQVQxEDAOBgNVBAgMB0F1c3RyaWExDTALBgNVBAoMBElBSUsxDTALBgNV -BAsMBEVHSVoxIzAhBgNVBAMMGkVHSVogQ1JBQkVOU1RFSU5FUiBST09UIENBMS8w -LQYJKoZIhvcNAQkBFiBjaHJpc3RvZi5yYWJlbnN0ZWluZXJAZWdpei5ndi5hdDCC -AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMclj0pHf7LxLXEvtz+P7mxI -5U5Lx0xDiEY4XeLn75jis3IQotv3zmUz8Mvv9rkAT7y9JMJyJPBUPo2iWCO/dtm+ -qYlCy4fNPGvGPyjE05TM+JhG8bijpgO2EEZmKv48by+UUzioX8H/to5n8xNzDu8C -bibBddbGyfQ9E7PkR2VhdW8PkUrqJCxeG/xiwS0h1U2v++4ZKQpS78rj75KNEExx -t8spzZFyKV3i5mTkW2Exp5OSr07SpadjlRqkYWkdZsAPnaK4L4KQ+rrL9qXb/fzK -syD2LkAHimV3s19IZjGVbdwCtgacDZlME3zNfGxIC0hAeJsSXJJN2FMO3SrnXv2b -CDJT3SOCF+PMhmv41PGMswQxnCtPvB9659y/Cr/tHkY5bhQiR4XamZie7IkxpsMa -WpV4jCY9iz1L8OsM62DVRsztDWw1w1j2dyWyODNbxaI7fEWg9klUW7GgEDYBeJ2h -9kfgwZXiMZkw/7+0VHU97a7AKmpCXP3kH6n1z3MAgaf+Dd4Gq7RXB+4HEZ31uiNO -OqrnayFs2td/X7cl/0ioNLnJ/hbaOmHsGDQo5W0WyXg9bVkLtezajVwTCKkRdUnn -kAXL0y+x/aRc2CycE7tlC0SHtBDTVjdx5CWeulynBMMiMWZwb+HR9id/rnifp3Vk -/CPA+eyjiVtt8uXXozLFAgMBAAGjYzBhMB0GA1UdDgQWBBSK8/VCjnMFpNKrPSEv -k+GF/qM5izAfBgNVHSMEGDAWgBSK8/VCjnMFpNKrPSEvk+GF/qM5izAPBgNVHRMB -Af8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAp/fR -A+cZlMw0jtiFRYy7096dadgjefIcQVgZYNTL3zuPrXyRIHMp4dTlNnREkobmzkcy -jWN/I41hm2SHt86+E1c7n/wd1KE1oefqoRkhQws84718zlLBkL/iMwluzE4ZzqiE -RPxBFv23QqFLzaZpqan4ic9zlkqW1d8IZ9kt9vctAxUIju4hXqozUfaYIjIThutU -wkIgN1A6e6qugFYB9jkhijnMw0HJeP19JbBUNGp9bP3GiSEc+S1ydddU2492rDQj -NQKvUMvGUhoUdxbbcUhxs6i6Gfct5bCXRN+r7d+mpwFrpN9xv0a0a7y5GNZk//2S -0qsqQwVEHYa0fDxsBFLnM7i2EY6+eo9mMccOgn0Jk8z+IIU3OCHgRs3df8R0zWbd -2FSeqrHTTtgcnmfEx3TMZnuuLfOCIwczl/4DP6M5Z6xwp/MKXzUWFy5SP1wkLe9i -KiTaYeYLiVZb4AluW8TdhkBjj87gA1gCqqGIAyQ6+40LGplt7Wt5pY2XGWqQQLcq -qfutUjWQM+HOQEDsodrPu8DR07Q613XdrfMuJGHXDh7a+6xD0nRhpkR9JacoY1h/ -UTObjMFCIwIZ8bYniFLgmJhKlMiuhgNuGsEoSMsFHVDrCsEXZOKkoL8OmRu/V4zo -2vewbMLL/jvutkmtS8E+R1lt+J6iEI5EYJHONrw= ------END CERTIFICATE----- diff --git a/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java b/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java index b0c03a2..c132abf 100644 --- a/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java +++ b/src/test/java/at/gv/egiz/moazs/SameThreadDeliveryPipelineTest.java @@ -2,7 +2,7 @@ package at.gv.egiz.moazs; import at.gv.egiz.moazs.msg.MsgClient; import at.gv.egiz.moazs.msg.MsgClientFactory; -import at.gv.egiz.moazs.msg.SignatureVerifier; +import at.gv.egiz.moazs.msg.MoaSPSSSignatureVerifier; import at.gv.egiz.moazs.msg.StoreSOAPBodyBinaryInRepositoryInterceptor; import at.gv.egiz.moazs.pipeline.DeliveryPipeline; import at.gv.egiz.moazs.pipeline.SameThreadDeliveryPipeline; @@ -63,7 +63,7 @@ public class SameThreadDeliveryPipelineTest { private StoreSOAPBodyBinaryInRepositoryInterceptor interceptor; @Mock - private SignatureVerifier verifier; + private MoaSPSSSignatureVerifier verifier; private DeliveryPipeline pipeline; -- cgit v1.2.3