Merge branch 'master' into PKIModuleUpdate

2 files changed, 340 insertions, 334 deletions

diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
index 18857118..1624fb91 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java
@@ -1,329 +1,329 @@
-/*
- * Copyright 2011 by Graz University of Technology, Austria
- * MOCCA has been developed by the E-Government Innovation Center EGIZ, a joint
- * initiative of the Federal Chancellery Austria and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egiz.bku.slcommands.impl;
-
-import java.io.InputStream;
-import java.net.URL;
-import java.net.URLConnection;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.Date;
-import java.util.List;
-import java.util.Scanner;
-
-import javax.xml.crypto.MarshalException;
-import javax.xml.crypto.URIReferenceException;
-import javax.xml.crypto.dsig.XMLSignatureException;
-
-import org.apache.commons.configuration.Configuration;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.w3c.dom.ls.DOMImplementationLS;
-import org.w3c.dom.ls.LSSerializer;
-
-import at.buergerkarte.namespaces.securitylayer._1_2_3.CreateXMLSignatureRequestType;
-import at.buergerkarte.namespaces.securitylayer._1_2_3.DataObjectInfoType;
-import at.gv.egiz.bku.binding.HTTPBindingProcessorImpl;
-import at.gv.egiz.bku.conf.MoccaConfigurationFacade;
-import at.gv.egiz.bku.slcommands.CreateXMLSignatureCommand;
-import at.gv.egiz.bku.slcommands.SLCommandContext;
-import at.gv.egiz.bku.slcommands.SLResult;
-import at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory;
-import at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactoryImpl;
-import at.gv.egiz.bku.slcommands.impl.xsect.IdValueFactory;
-import at.gv.egiz.bku.slcommands.impl.xsect.IdValueFactoryImpl;
-import at.gv.egiz.bku.slcommands.impl.xsect.Signature;
-import at.gv.egiz.bku.slexceptions.SLCommandException;
-import at.gv.egiz.bku.slexceptions.SLException;
-import at.gv.egiz.bku.slexceptions.SLRequestException;
-import at.gv.egiz.bku.slexceptions.SLViewerException;
-import at.gv.egiz.dom.DOMUtils;
-import at.gv.egiz.stal.InfoboxReadRequest;
-import at.gv.egiz.stal.STALRequest;
-
-/**
- * This class implements the security layer command
- * <code>CreateXMLSignatureRequest</code>.
- * 
- * @author mcentner
- */
-public class CreateXMLSignatureCommandImpl extends
-    SLCommandImpl<CreateXMLSignatureRequestType> implements
-    CreateXMLSignatureCommand {
-
-  /**
-   * Logging facility.
-   */
-  private final static Logger log = LoggerFactory.getLogger(CreateXMLSignatureCommandImpl.class);
-
-  /**
-   * The signing certificate.
-   */
-  protected X509Certificate signingCertificate;
-
-  /**
-   * The keybox identifier of the key used for signing.
-   */
-  protected String keyboxIdentifier;
-
-  /**
-   * The to-be signed signature.
-   */
-  protected Signature signature;
-
-  /**
-   * The configuration facade used to access the MOCCA configuration.
-   */
-  private ConfigurationFacade configurationFacade = new ConfigurationFacade();
-
-  private class ConfigurationFacade implements MoccaConfigurationFacade {
-    private Configuration configuration;
-
-    public static final String USE_STRONG_HASH = "UseStrongHash";
-    public static final String USE_XADES_1_4 =
-      HTTPBindingProcessorImpl.ConfigurationFacade.USE_XADES_1_4;
-    public static final String USE_XADES_1_4_BLACKLIST =
-      HTTPBindingProcessorImpl.ConfigurationFacade.USE_XADES_1_4_BLACKLIST;
-    public static final String XADES_1_4_BLACKLIST_URL =
-      HTTPBindingProcessorImpl.ConfigurationFacade.XADES_1_4_BLACKLIST_URL;
-    public static final int XADES_1_4_BLACKLIST_EXPIRY =
-        HTTPBindingProcessorImpl.ConfigurationFacade.XADES_1_4_BLACKLIST_EXPIRY;
-
-    public void setConfiguration(Configuration configuration) {
-      this.configuration = configuration;
-    }
-
-    public boolean getUseStrongHash() {
-      return configuration.getBoolean(USE_STRONG_HASH, true);
-    }
-
-    public boolean getUseXAdES14() {
-      return configuration.getBoolean(USE_XADES_1_4, true);
-    }
-
-    public boolean getUseXAdES14Blacklist() {
-      return configuration.getBoolean(USE_XADES_1_4_BLACKLIST, true);
-    }
-  }
-
-  private static long XADES_1_4_BLACKLIST_TS;
-  private static final List<String> XADES_1_4_BLACKLIST;
-  static {
-    XADES_1_4_BLACKLIST = new ArrayList<String>();
-    loadXAdES14Blacklist();
-  }
-
-  private static void loadXAdES14Blacklist() {
-    XADES_1_4_BLACKLIST_TS = System.currentTimeMillis();
-    XADES_1_4_BLACKLIST.clear();
-    try {
-      URLConnection blc = new URL(ConfigurationFacade.XADES_1_4_BLACKLIST_URL).openConnection();
-      blc.setUseCaches(false);
-      InputStream in = blc.getInputStream();
-      Scanner s = new Scanner(in);
-      while (s.hasNext()){
-        XADES_1_4_BLACKLIST.add(s.next());
-      }
-    s.close();
-    } catch (Exception e) {
-      log.error("Blacklist load error", e);
-    }
-  }
-
-  private static boolean matchesXAdES14Blacklist(String url) {
-    log.debug("Checking DataURL against XAdES14 blacklist: {}", url);
-    if ((System.currentTimeMillis() - XADES_1_4_BLACKLIST_TS) >
-      (ConfigurationFacade.XADES_1_4_BLACKLIST_EXPIRY * 1000)) {
-      log.debug("Updating XAdES14 blacklist");
-      loadXAdES14Blacklist();
-    }
-    if (url != null) {
-      for (String bl_entry : XADES_1_4_BLACKLIST) {
-        if (url.matches(bl_entry)) {
-          log.debug("XAdES14 blacklist match");
-          return true;
-        }
-      }
-    }
-    return false;
-  }
-
-  public void setConfiguration(Configuration configuration) {
-    configurationFacade.setConfiguration(configuration);
-  }
-
-  @Override
-  public void prepareXMLSignature(SLCommandContext commandContext) throws SLCommandException,
-      SLRequestException {
-
-    CreateXMLSignatureRequestType request = getRequestValue();
-
-    // TODO: make configurable?
-    IdValueFactory idValueFactory = new IdValueFactoryImpl();
-
-    // TODO: make configurable?
-    AlgorithmMethodFactory algorithmMethodFactory;
-    try {
-      algorithmMethodFactory = new AlgorithmMethodFactoryImpl(
-          signingCertificate, configurationFacade.getUseStrongHash());
-    } catch (NoSuchAlgorithmException e) {
-      log.error("Failed to get DigestMethod.", e);
-      throw new SLCommandException(4006);
-    }
-
-    boolean useXAdES14 = configurationFacade.getUseXAdES14();
-    if (useXAdES14 && configurationFacade.getUseXAdES14Blacklist()) {
-      String dataURL = commandContext.getDataURL();
-      if (matchesXAdES14Blacklist(dataURL))
-        useXAdES14 = false;
-    }
-
-    signature = new Signature(commandContext.getURLDereferencer(),
-        idValueFactory, algorithmMethodFactory, useXAdES14);
-
-    // SigningTime
-    signature.setSigningTime(new Date());
-
-    // SigningCertificate
-    signature.setSignerCertificate(signingCertificate);
-
-    // SignatureInfo
-    if (request.getSignatureInfo() != null) {
-      signature.setSignatureInfo(request.getSignatureInfo());
-    }
-
-    // DataObjects
-    for (DataObjectInfoType dataObjectInfo : request.getDataObjectInfo()) {
-      signature.addDataObject(dataObjectInfo);
-    }
-
-    signature.buildXMLSignature();
-
-  }
-
-  /**
-   * Gets the signing certificate from STAL.
-   * @param commandContext TODO
-   * 
-   * @throws SLCommandException
-   *           if getting the singing certificate fails
-   */
-  private void getSigningCertificate(SLCommandContext commandContext) throws SLCommandException {
-
-    CreateXMLSignatureRequestType request = getRequestValue();
-    keyboxIdentifier = request.getKeyboxIdentifier();
-
-    InfoboxReadRequest stalRequest = new InfoboxReadRequest();
-    stalRequest.setInfoboxIdentifier(keyboxIdentifier);
-
-    STALHelper stalHelper = new STALHelper(commandContext.getSTAL());
-    
-    stalHelper.transmitSTALRequest(Collections.singletonList((STALRequest) stalRequest));
-    List<X509Certificate> certificates = stalHelper.getCertificatesFromResponses();
-    if (certificates == null || certificates.size() != 1) {
-      log.info("Got an unexpected number of certificates from STAL.");
-      throw new SLCommandException(4000);
-    }
-    signingCertificate = certificates.get(0);
-
-  }
-
-  /**
-   * Signs the signature.
-   * @param commandContext TODO
-   * 
-   * @throws SLCommandException
-   *           if signing the signature fails
-   * @throws SLViewerException
-   */
-  private void signXMLSignature(SLCommandContext commandContext) throws SLCommandException, SLViewerException {
-
-    try {
-      signature.sign(commandContext.getSTAL(), keyboxIdentifier);
-    } catch (MarshalException e) {
-      log.error("Failed to marshall XMLSignature.", e);
-      throw new SLCommandException(4000);
-    } catch (XMLSignatureException e) {
-      if (e.getCause() instanceof URIReferenceException) {
-        URIReferenceException uriReferenceException = (URIReferenceException) e
-            .getCause();
-        if (uriReferenceException.getCause() instanceof SLCommandException) {
-          throw (SLCommandException) uriReferenceException.getCause();
-        }
-      }
-      log.error("Failed to sign XMLSignature.", e);
-      throw new SLCommandException(4000);
-    }
-
-  }
-
-  @Override
-  public SLResult execute(SLCommandContext commandContext) {
-    try {
-
-      // get certificate in order to select appropriate algorithms for hashing
-      // and signing
-      log.info("Requesting signing certificate.");
-      getSigningCertificate(commandContext);
-      if (log.isDebugEnabled()) {
-        log.debug("Got signing certificate. {}", signingCertificate);
-      } else {
-        log.info("Got signing certificate.");
-      }
-
-      // prepare the XMLSignature for signing
-      log.info("Preparing XML signature.");
-      prepareXMLSignature(commandContext);
-
-      // sign the XMLSignature
-      log.info("Signing XML signature.");
-      signXMLSignature(commandContext);
-      if (log.isDebugEnabled()) {
-
-        DOMImplementationLS domImplLS = DOMUtils.getDOMImplementationLS();
-        LSSerializer serializer = domImplLS.createLSSerializer();
-        String debugString = serializer.writeToString(signature.getDocument());
-
-        log.debug(debugString);
-
-      } else {
-        log.info("XML signature signed.");
-      }
-
-      return new CreateXMLSignatureResultImpl(signature.getDocument());
-
-    } catch (SLException e) {
-      return new ErrorResultImpl(e, commandContext.getLocale());
-    }
-  }
-
-  @Override
-  public String getName() {
-    return "CreateXMLSignatureRequest";
-  }
-
-}
+/*

+ * Copyright 2011 by Graz University of Technology, Austria

+ * MOCCA has been developed by the E-Government Innovation Center EGIZ, a joint

+ * initiative of the Federal Chancellery Austria and Graz University of Technology.

+ *

+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by

+ * the European Commission - subsequent versions of the EUPL (the "Licence");

+ * You may not use this work except in compliance with the Licence.

+ * You may obtain a copy of the Licence at:

+ * http://www.osor.eu/eupl/

+ *

+ * Unless required by applicable law or agreed to in writing, software

+ * distributed under the Licence is distributed on an "AS IS" basis,

+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

+ * See the Licence for the specific language governing permissions and

+ * limitations under the Licence.

+ *

+ * This product combines work with different licenses. See the "NOTICE" text

+ * file for details on the various modules and licenses.

+ * The "NOTICE" text file is part of the distribution. Any derivative works

+ * that you distribute must include a readable copy of the "NOTICE" text file.

+ */

+

+

+package at.gv.egiz.bku.slcommands.impl;

+

+import java.io.InputStream;

+import java.net.URL;

+import java.net.URLConnection;

+import java.security.NoSuchAlgorithmException;

+import java.security.cert.X509Certificate;

+import java.util.ArrayList;

+import java.util.Collections;

+import java.util.Date;

+import java.util.List;

+import java.util.Scanner;

+

+import javax.xml.crypto.MarshalException;

+import javax.xml.crypto.URIReferenceException;

+import javax.xml.crypto.dsig.XMLSignatureException;

+

+import org.apache.commons.configuration.Configuration;

+import org.slf4j.Logger;

+import org.slf4j.LoggerFactory;

+import org.w3c.dom.ls.DOMImplementationLS;

+import org.w3c.dom.ls.LSSerializer;

+

+import at.buergerkarte.namespaces.securitylayer._1_2_3.CreateXMLSignatureRequestType;

+import at.buergerkarte.namespaces.securitylayer._1_2_3.DataObjectInfoType;

+import at.gv.egiz.bku.binding.HTTPBindingProcessorImpl;

+import at.gv.egiz.bku.conf.MoccaConfigurationFacade;

+import at.gv.egiz.bku.slcommands.CreateXMLSignatureCommand;

+import at.gv.egiz.bku.slcommands.SLCommandContext;

+import at.gv.egiz.bku.slcommands.SLResult;

+import at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactory;

+import at.gv.egiz.bku.slcommands.impl.xsect.AlgorithmMethodFactoryImpl;

+import at.gv.egiz.bku.slcommands.impl.xsect.IdValueFactory;

+import at.gv.egiz.bku.slcommands.impl.xsect.IdValueFactoryImpl;

+import at.gv.egiz.bku.slcommands.impl.xsect.Signature;

+import at.gv.egiz.bku.slexceptions.SLCommandException;

+import at.gv.egiz.bku.slexceptions.SLException;

+import at.gv.egiz.bku.slexceptions.SLRequestException;

+import at.gv.egiz.bku.slexceptions.SLViewerException;

+import at.gv.egiz.dom.DOMUtils;

+import at.gv.egiz.stal.InfoboxReadRequest;

+import at.gv.egiz.stal.STALRequest;

+

+/**

+ * This class implements the security layer command

+ * <code>CreateXMLSignatureRequest</code>.

+ * 

+ * @author mcentner

+ */

+public class CreateXMLSignatureCommandImpl extends

+    SLCommandImpl<CreateXMLSignatureRequestType> implements

+    CreateXMLSignatureCommand {

+

+  /**

+   * Logging facility.

+   */

+  protected final static Logger log = LoggerFactory.getLogger(CreateXMLSignatureCommandImpl.class);

+

+  /**

+   * The signing certificate.

+   */

+  protected X509Certificate signingCertificate;

+

+  /**

+   * The keybox identifier of the key used for signing.

+   */

+  protected String keyboxIdentifier;

+

+  /**

+   * The to-be signed signature.

+   */

+  protected Signature signature;

+

+  /**

+   * The configuration facade used to access the MOCCA configuration.

+   */

+  protected ConfigurationFacade configurationFacade = new ConfigurationFacade();

+

+  protected class ConfigurationFacade implements MoccaConfigurationFacade {

+	  protected Configuration configuration;

+

+    public static final String USE_STRONG_HASH = "UseStrongHash";

+    public static final String USE_XADES_1_4 =

+      HTTPBindingProcessorImpl.ConfigurationFacade.USE_XADES_1_4;

+    public static final String USE_XADES_1_4_BLACKLIST =

+      HTTPBindingProcessorImpl.ConfigurationFacade.USE_XADES_1_4_BLACKLIST;

+    public static final String XADES_1_4_BLACKLIST_URL =

+      HTTPBindingProcessorImpl.ConfigurationFacade.XADES_1_4_BLACKLIST_URL;

+    public static final int XADES_1_4_BLACKLIST_EXPIRY =

+        HTTPBindingProcessorImpl.ConfigurationFacade.XADES_1_4_BLACKLIST_EXPIRY;

+

+    public void setConfiguration(Configuration configuration) {

+      this.configuration = configuration;

+    }

+

+    public boolean getUseStrongHash() {

+      return configuration.getBoolean(USE_STRONG_HASH, true);

+    }

+

+    public boolean getUseXAdES14() {

+      return configuration.getBoolean(USE_XADES_1_4, true);

+    }

+

+    public boolean getUseXAdES14Blacklist() {

+      return configuration.getBoolean(USE_XADES_1_4_BLACKLIST, true);

+    }

+  }

+

+  protected static long XADES_1_4_BLACKLIST_TS;

+  protected static final List<String> XADES_1_4_BLACKLIST;

+  static {

+    XADES_1_4_BLACKLIST = new ArrayList<String>();

+    loadXAdES14Blacklist();

+  }

+

+  protected static void loadXAdES14Blacklist() {

+    XADES_1_4_BLACKLIST_TS = System.currentTimeMillis();

+    XADES_1_4_BLACKLIST.clear();

+    try {

+      URLConnection blc = new URL(ConfigurationFacade.XADES_1_4_BLACKLIST_URL).openConnection();

+      blc.setUseCaches(false);

+      InputStream in = blc.getInputStream();

+      Scanner s = new Scanner(in);

+      while (s.hasNext()){

+        XADES_1_4_BLACKLIST.add(s.next());

+      }

+    s.close();

+    } catch (Exception e) {

+      log.error("Blacklist load error", e);

+    }

+  }

+

+  protected static boolean matchesXAdES14Blacklist(String url) {

+    log.debug("Checking DataURL against XAdES14 blacklist: {}", url);

+    if ((System.currentTimeMillis() - XADES_1_4_BLACKLIST_TS) >

+      (ConfigurationFacade.XADES_1_4_BLACKLIST_EXPIRY * 1000)) {

+      log.debug("Updating XAdES14 blacklist");

+      loadXAdES14Blacklist();

+    }

+    if (url != null) {

+      for (String bl_entry : XADES_1_4_BLACKLIST) {

+        if (url.matches(bl_entry)) {

+          log.debug("XAdES14 blacklist match");

+          return true;

+        }

+      }

+    }

+    return false;

+  }

+

+  public void setConfiguration(Configuration configuration) {

+    configurationFacade.setConfiguration(configuration);

+  }

+

+  @Override

+  public void prepareXMLSignature(SLCommandContext commandContext) throws SLCommandException,

+      SLRequestException {

+

+    CreateXMLSignatureRequestType request = getRequestValue();

+

+    // TODO: make configurable?

+    IdValueFactory idValueFactory = new IdValueFactoryImpl();

+

+    // TODO: make configurable?

+    AlgorithmMethodFactory algorithmMethodFactory;

+    try {

+      algorithmMethodFactory = new AlgorithmMethodFactoryImpl(

+          signingCertificate, configurationFacade.getUseStrongHash());

+    } catch (NoSuchAlgorithmException e) {

+      log.error("Failed to get DigestMethod.", e);

+      throw new SLCommandException(4006);

+    }

+

+    boolean useXAdES14 = configurationFacade.getUseXAdES14();

+    if (useXAdES14 && configurationFacade.getUseXAdES14Blacklist()) {

+      String dataURL = commandContext.getDataURL();

+      if (matchesXAdES14Blacklist(dataURL))

+        useXAdES14 = false;

+    }

+

+    signature = new Signature(commandContext.getURLDereferencer(),

+        idValueFactory, algorithmMethodFactory, useXAdES14);

+

+    // SigningTime

+    signature.setSigningTime(new Date());

+

+    // SigningCertificate

+    signature.setSignerCertificate(signingCertificate);

+

+    // SignatureInfo

+    if (request.getSignatureInfo() != null) {

+      signature.setSignatureInfo(request.getSignatureInfo());

+    }

+

+    // DataObjects

+    for (DataObjectInfoType dataObjectInfo : request.getDataObjectInfo()) {

+      signature.addDataObject(dataObjectInfo);

+    }

+

+    signature.buildXMLSignature();

+

+  }

+

+  /**

+   * Gets the signing certificate from STAL.

+   * @param commandContext TODO

+   * 

+   * @throws SLCommandException

+   *           if getting the singing certificate fails

+   */

+  protected void getSigningCertificate(SLCommandContext commandContext) throws SLCommandException {

+

+    CreateXMLSignatureRequestType request = getRequestValue();

+    keyboxIdentifier = request.getKeyboxIdentifier();

+

+    InfoboxReadRequest stalRequest = new InfoboxReadRequest();

+    stalRequest.setInfoboxIdentifier(keyboxIdentifier);

+

+    STALHelper stalHelper = new STALHelper(commandContext.getSTAL());

+    

+    stalHelper.transmitSTALRequest(Collections.singletonList((STALRequest) stalRequest));

+    List<X509Certificate> certificates = stalHelper.getCertificatesFromResponses();

+    if (certificates == null || certificates.size() != 1) {

+      log.info("Got an unexpected number of certificates from STAL.");

+      throw new SLCommandException(4000);

+    }

+    signingCertificate = certificates.get(0);

+

+  }

+

+  /**

+   * Signs the signature.

+   * @param commandContext TODO

+   * 

+   * @throws SLCommandException

+   *           if signing the signature fails

+   * @throws SLViewerException

+   */

+  protected void signXMLSignature(SLCommandContext commandContext) throws SLCommandException, SLViewerException {

+

+    try {

+      signature.sign(commandContext.getSTAL(), keyboxIdentifier);

+    } catch (MarshalException e) {

+      log.error("Failed to marshall XMLSignature.", e);

+      throw new SLCommandException(4000);

+    } catch (XMLSignatureException e) {

+      if (e.getCause() instanceof URIReferenceException) {

+        URIReferenceException uriReferenceException = (URIReferenceException) e

+            .getCause();

+        if (uriReferenceException.getCause() instanceof SLCommandException) {

+          throw (SLCommandException) uriReferenceException.getCause();

+        }

+      }

+      log.error("Failed to sign XMLSignature.", e);

+      throw new SLCommandException(4000);

+    }

+

+  }

+

+  @Override

+  public SLResult execute(SLCommandContext commandContext) {

+    try {

+

+      // get certificate in order to select appropriate algorithms for hashing

+      // and signing

+      log.info("Requesting signing certificate.");

+      getSigningCertificate(commandContext);

+      if (log.isDebugEnabled()) {

+        log.debug("Got signing certificate. {}", signingCertificate);

+      } else {

+        log.info("Got signing certificate.");

+      }

+

+      // prepare the XMLSignature for signing

+      log.info("Preparing XML signature.");

+      prepareXMLSignature(commandContext);

+

+      // sign the XMLSignature

+      log.info("Signing XML signature.");

+      signXMLSignature(commandContext);

+      if (log.isDebugEnabled()) {

+

+        DOMImplementationLS domImplLS = DOMUtils.getDOMImplementationLS();

+        LSSerializer serializer = domImplLS.createLSSerializer();

+        String debugString = serializer.writeToString(signature.getDocument());

+

+        log.debug(debugString);

+

+      } else {

+        log.info("XML signature signed.");

+      }

+

+      return new CreateXMLSignatureResultImpl(signature.getDocument());

+

+    } catch (SLException e) {

+      return new ErrorResultImpl(e, commandContext.getLocale());

+    }

+  }

+

+  @Override

+  public String getName() {

+    return "CreateXMLSignatureRequest";

+  }

+

+}

diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java
index c3fcd146..249172e7 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/xsect/AlgorithmMethodFactoryImpl.java
@@ -53,27 +53,33 @@ public class AlgorithmMethodFactoryImpl implements AlgorithmMethodFactory {
   /**

    * The signature algorithm URI.

    */

-  private String signatureAlgorithmURI;
+  protected String signatureAlgorithmURI;
   
   /**
    * The signature algorithm ID.
    */
-  private AlgorithmID signatureAlgorithmID;
+  protected AlgorithmID signatureAlgorithmID;
   
   /**
    * the digest algorithm URI.
    */
-  private String digestAlgorithmURI = DigestMethod.SHA1;

+  protected String digestAlgorithmURI = DigestMethod.SHA1;

 

   /**

    * The digest algorithm ID.
    */
-  private AlgorithmID digestAlgorithmID = AlgorithmID.sha1;

+  protected AlgorithmID digestAlgorithmID = AlgorithmID.sha1;

 

   /**

    * The algorithm parameters for the signature algorithm.

    */

-  private SignatureMethodParameterSpec signatureMethodParameterSpec;

+  protected SignatureMethodParameterSpec signatureMethodParameterSpec;
+  
+  /**
+   * Default Constructor
+   */
+  public AlgorithmMethodFactoryImpl(){  
+  }

 
   /**

    * Creates a new AlgorithmMethodFactory with the given