aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java17
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/ConnectorFactory.java38
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java9
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/ConnectorChooser.java86
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java24
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java4
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java8
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/DetachedIdFormatter.java33
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/DetachedLocRefMOAIdFormatter.java34
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/OldMOAIdFormatter.java25
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java14
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java9
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java15
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java4
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java8
-rw-r--r--work/cfg/config.properties44
-rw-r--r--work/templates/bku.etsi-bka-1.0.verify.request_.xml14
-rw-r--r--work/templates/bku.etsi-bka-1.0.verify.template_.xml13
-rw-r--r--work/templates/default.bku.sign.detached.xml17
-rw-r--r--work/templates/default.bku.sign.enveloping.xml14
-rw-r--r--work/templates/default.bku.verify.request.detached.xml14
-rw-r--r--work/templates/default.bku.verify.request.enveloping.xml9
-rw-r--r--work/templates/default.bku.verify.template.detached.xml13
-rw-r--r--work/templates/default.bku.verify.template.enveloping.old.xml6
-rw-r--r--work/templates/default.bku.verify.template.enveloping.xml6
-rw-r--r--work/templates/default.moa.sign.detached.xml19
-rw-r--r--work/templates/default.moa.sign.enveloping.xml19
-rw-r--r--work/templates/default.moa.verify.request.detached.xml15
-rw-r--r--work/templates/default.moa.verify.request.enveloping.xml10
-rw-r--r--work/templates/default.moa.verify.template.detached.xml1
-rw-r--r--work/templates/default.moa.verify.template.enveloping.xml11
-rw-r--r--work/templates/moa.etsi-bka-moa-1.0.sign_.xml19
-rw-r--r--work/templates/moa.etsi-bka-moa-1.0.verify.request_.xml15
-rw-r--r--work/templates/moa.etsi-bka-moa-1.0.verify.template_.xml1
34 files changed, 352 insertions, 236 deletions
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java b/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java
index 6ea0a5b..cdc0aa8 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java
@@ -65,7 +65,6 @@ import at.knowcenter.wag.egov.egiz.sig.connectors.bku.SignSignatureObject;
import at.knowcenter.wag.egov.egiz.sig.signatureobject.SignatureObjectHelper;
import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
import at.knowcenter.wag.egov.egiz.tools.Normalizer;
-import at.knowcenter.wag.egov.egiz.web.SessionInformation;
import at.knowcenter.wag.exactparser.ParseDocument;
import at.knowcenter.wag.exactparser.parsing.PDFUtils;
import at.knowcenter.wag.exactparser.parsing.results.HeaderParseResult;
@@ -775,25 +774,16 @@ public abstract class PdfAS
// TODO the choosing algorithm should be extracted into a visitor or factory design pattern.
public static List verifySignatureHoldersWeb(List signature_holders,
- // String connector, String loc_ref) throws PDFDocumentException, NormalizeException, SignatureException
- SessionInformation sessionInfo, String loc_ref) throws PDFDocumentException, NormalizeException, SignatureException
+ String connector, String loc_ref) throws PDFDocumentException, NormalizeException, SignatureException
{
List results = new ArrayList();
-
for (int i = 0; i < signature_holders.size(); i++)
{
SignatureHolder holder = (SignatureHolder) signature_holders.get(i);
- SignatureResponse result = verifyWeb(holder, sessionInfo.connector, loc_ref);
+
+ SignatureResponse result = verifyWeb(holder, connector, loc_ref);
results.add(result);
-
- // increment current_operation to be sure that every signature holder is verified
- // if not incremented, the first document is always verified correctly but other not
- // because the first document is everytime sent to MOA.
- // FIXXME: running too slow
-
- sessionInfo.current_operation++;
}
-
return results;
}
@@ -915,7 +905,6 @@ public abstract class PdfAS
SignSignatureObject so = SignatureObjectHelper.convertSignatureObjectToSignSignatureObject(so_to_be_verified);
String profile = so_to_be_verified.getSignatureTypeDefinition().getType();
-
Connector c = ConnectorChooser.chooseWebConnectorForVerify(connector, so_to_be_verified.getKZ(), so.id, profile, loc_ref);
return c.doVerify(sd, so);
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/ConnectorFactory.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/ConnectorFactory.java
index 236f260..8d9a480 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/ConnectorFactory.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/ConnectorFactory.java
@@ -49,8 +49,6 @@ public abstract class ConnectorFactory
* </p>
*/
protected static final String CONNECTOR_INFORMATION_FIELD_NAME = "CONNECTOR_INFORMATION";
-
- protected static final String MOA_SIG_ID_VISIBLE_KEY = "moa.sign.id.active";
/**
* The list of available Connector implementations.
@@ -322,30 +320,18 @@ public abstract class ConnectorFactory
*/
public static boolean needsSIG_ID(String connector)
{
- //boolean return_result = true;
-
- if(connector.contains("moa"))
- {
- String moa_sig_id_visible = null;
-
- try
- {
- moa_sig_id_visible = SettingsReader.getInstance().getValueFromKey(MOA_SIG_ID_VISIBLE_KEY);
-
- if(moa_sig_id_visible == null)
- return false;
-
- if(!moa_sig_id_visible.equals("true"))
- return false;
- }
- catch (SettingsException e)
- {
- String log_message = "Can not load signature settings. Cause:\n" + e.getMessage();
- logger_.error(log_message);
- throw new RuntimeException(e);
- }
+ // all modernn detached signatures have the SIG_ID field.
+
+ try {
+ if(!SettingsReader.getInstance().getValueFromKey("moa.id.field.visible").equals("true"))
+ return false;
+ } catch (SettingsException e) {
+ e.printStackTrace();
}
-
- return true;//return_result;
+
+
+ return true;
+ //return !connector.equals("moa");
}
+
}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
index a9fad94..62944e4 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/SignatureObject.java
@@ -1606,15 +1606,6 @@ public class SignatureObject implements Serializable
setValueBruteForce(SignatureTypes.SIG_ID, null);
continue;
}
-// else
-// {
-// try {
-// setValueBruteForce(SignatureTypes.SIG_ID,
-// SettingsReader.getInstance().getValueFromKey("default.moa.signature.id"));
-// } catch (SettingsException e) {
-// e.printStackTrace();
-// }
-// }
char[] placeholder_chars = new char[sfd.placeholder_length];
for (int i = 0; i < placeholder_chars.length; i++)
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/ConnectorChooser.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/ConnectorChooser.java
index 32dcb72..38680c4 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/ConnectorChooser.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/ConnectorChooser.java
@@ -9,7 +9,6 @@ import org.apache.commons.logging.LogFactory;
import at.knowcenter.wag.egov.egiz.PdfASID;
import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
-import at.knowcenter.wag.egov.egiz.exceptions.SettingNotFoundException;
import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
import at.knowcenter.wag.egov.egiz.framework.SignatorFactory;
import at.knowcenter.wag.egov.egiz.sig.connectors.bku.EnvelopedBase64BKUConnector;
@@ -31,19 +30,17 @@ public final class ConnectorChooser
/**
* The log.
*/
- private static Log log = LogFactory.getLog(ConnectorChooser.class);
- private static final String MOA_CMD_LINE_SUPPORTED_KEY = "moa.sign.cmd.detached";
+ private static Log log = LogFactory.getLog(ConnectorChooser.class);
+
+ private static final String MOA_DETACHED_ENABLED_KEY = "moa.sign.console.detached.enabled";
- /*
- * Called when we try to connect BKU over Web interface
- */
public static LocalConnector chooseLocalConnectorForSign(String connector,
String profile, String loc_ref_url) throws ConnectorException
{
log.debug("Choosing LocalConnector for signation...");
log.debug("connector type = " + connector);
-
+
if (!connector.equals("bku"))
{
log.error("Currently only the BKU connector is fully implemented.");
@@ -70,43 +67,37 @@ public final class ConnectorChooser
}
public static Connector chooseCommandlineConnectorForSign(String connector,
- String profile) throws ConnectorException, SettingNotFoundException
+ String profile) throws ConnectorException
{
log.debug("Choosing Connector for commandline signation...");
log.debug("connector type = " + connector);
if (connector.equals(BKU))
- {
- log.debug("sig_app is BKU ==> MultipartDetachedBKUConnector"); //$NON-NLS-1
-
+ {
+ log.debug("sig_app is BKU ==> MultipartDetachedBKUConnector"); //$NON-NLS-1$
+
return new MultipartDetachedBKUConnector(profile);
}
-
if (connector.equals(MOA))
- {
- try {
- String cmd_supported = SettingsReader.getInstance().getValueFromKey(MOA_CMD_LINE_SUPPORTED_KEY);
-
- if(cmd_supported.equals("true"))
- {
- //TODO: replace hardcoded constants!!!
- return new DetachedLocRefMOAConnector(profile, "formdata:fileupload");
- }
- else
- {
- // TODO MOA detached signing is not allowed at the commandline
- log.warn("Detached MOA is not supported on the commandline. -> choosing Base64 temporarily.");
-
- return new EnvelopingBase64MOAConnector(profile);
- }
-
- } catch (SettingsException e) {
+ {
+ // is detached mode enabled from console
+ String detached_mode_enabled = null;
+
+ try
+ {
+ detached_mode_enabled = SettingsReader.getInstance().getValueFromKey(MOA_DETACHED_ENABLED_KEY);
+ } catch (SettingsException e)
+ {
e.printStackTrace();
- }
- //if()
- //return new DetachedLocRefMOAConnector(profile, "formdata:fileupload");
- //return new EnvelopingBase64MOAConnector(profile);
+ }
+
+ // currently MOA does'nt support detached mode in command line
+ if(detached_mode_enabled == null || detached_mode_enabled.equals("true"))
+ return new DetachedLocRefMOAConnector(profile, "formdata:fileupload");
+
+ log.warn("Detached MOA is not supported on the commandline. -> choosing Base64 temporarily.");
+ return new EnvelopingBase64MOAConnector(profile);
}
throw new ConnectorException(300, "Unknown connector type '" + connector + "' specified.");
@@ -232,6 +223,13 @@ public final class ConnectorChooser
return chooseEnvelopedBase64ConnectorHotfix(profile, connector);
}
+ // test
+ if (sig_id.equals(""))
+ {
+ log.debug("sig_id is null, which means that it is a MOA signature -> choose a hotfix base64 connector (thus it is moa - it doesn't matter).");
+
+ return chooseEnvelopedBase64ConnectorHotfix(profile, connector);
+ }
String[] sig_id_parts = sig_id.split("@");
if (sig_id_parts.length == 2)
@@ -249,7 +247,6 @@ public final class ConnectorChooser
throw new ConnectorException(300, "The SIG_KZ version is 1.0.0, but SIG_ID is neither MOA nor Old base64 nor Hotfix base64 ???'");
}
-
if (sig_kz.getVersion().equals(SignatorFactory.VERSION_1_1_0))
{
log.debug("Version is 1.1.0 -> chose a detached connector.");
@@ -315,22 +312,9 @@ public final class ConnectorChooser
{
log.debug("sig_app is MOA ==> DetachedMOAConnector"); //$NON-NLS-1$
- try
- {
- if(SettingsReader.getInstance().getValueFromKey(MOA_CMD_LINE_SUPPORTED_KEY).equals("false"))
- {
- String msg = "A Detached signature cannot be verified with the MOA connector (yet)."; //$NON-NLS-1$
- log.error(msg);
- throw new ConnectorException(370, msg);
- } else
- {
- // TODO: replace hardcoded constants
- return new DetachedLocRefMOAConnector(profile, "formdata:fileupload");
- }
- } catch (SettingsException e)
- {
- e.printStackTrace();
- }
+ String msg = "A Detached signature cannot be verified with the MOA connector (yet)."; //$NON-NLS-1$
+ log.error(msg);
+ throw new ConnectorException(370, msg);
}
throw new ConnectorException(310, "Unknown sig_app '" + sig_app + "'."); //$NON-NLS-1$ //$NON-NLS-2$
}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java
index a48b04c..9713a4a 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/DetachedBKUConnector.java
@@ -295,16 +295,16 @@ public class DetachedBKUConnector implements Connector, LocalConnector
String verify_request_template = this.environment.getVerifyRequestTemplate();
String xml_content = null;
-// if (SigKZIDHelper.isMOASigned(so))
-// {
-// log.debug("The signature is MOA signed -> getting XML content from DetachedLocRefMOA connector.");
-// DetachedLocRefMOAConnector moa_conn = new DetachedLocRefMOAConnector(this.environment.getProfile(), "loc ref not needed here");
-// xml_content = moa_conn.prepareXMLContent(data, so);
-// }
-// else
-// {
+ if (SigKZIDHelper.isMOASigned(so))
+ {
+ log.debug("The signature is MOA signed -> getting XML content from DetachedLocRefMOA connector.");
+ DetachedLocRefMOAConnector moa_conn = new DetachedLocRefMOAConnector(this.environment.getProfile(), "loc ref not needed here");
+ xml_content = moa_conn.prepareXMLContent(data, so);
+ }
+ else
+ {
xml_content = prepareXMLContent(data, so);
-// }
+ }
String verify_request_xml = verify_request_template.replaceFirst(TemplateReplaces.XML_CONTENT_REPLACE, xml_content);
verify_request_xml = verify_request_xml.replaceFirst(TemplateReplaces.LOC_REF_CONTENT_REPLACE, this.environment.getLocRefContent());
@@ -450,7 +450,7 @@ public class DetachedBKUConnector implements Connector, LocalConnector
/**
* The configuration key of the sign request template.
*/
- protected static final String SIGN_REQUEST_TEMPLATE_KEY = "bku.sign.request.template"; //$NON-NLS-1$
+ protected static final String SIGN_REQUEST_TEMPLATE_KEY = "bku.sign.request.detached"; //$NON-NLS-1$
/**
* The configuration key of the sign URL.
@@ -460,12 +460,12 @@ public class DetachedBKUConnector implements Connector, LocalConnector
/**
* The configuration key of the verify request template.
*/
- protected static final String VERIFY_REQUEST_TEMPLATE_KEY = "bku.verify.request.template"; //$NON-NLS-1$
+ protected static final String VERIFY_REQUEST_TEMPLATE_KEY = "bku.verify.request.detached"; //$NON-NLS-1$
/**
* The configuration key of the verify template.
*/
- protected static final String VERIFY_TEMPLATE_KEY = "bku.verify.request.template.keys"; //$NON-NLS-1$
+ protected static final String VERIFY_TEMPLATE_KEY = "bku.verify.template.detached"; //$NON-NLS-1$
/**
* The configuration key of the verify URL.
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java
index 4983da7..dc5d35b 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.java
@@ -300,6 +300,10 @@ public class EnvelopedBase64BKUConnector implements Connector, LocalConnector
String xml_content = null;
if (SigKZIDHelper.isMOASigned(so))
{
+ //
+ if(so.id.equals("") || so.id == null)
+ so.id = "temp";
+ //
log.debug("The signature is MOA signed -> getting XML content from Base64MOA connector.");
EnvelopingBase64MOAConnector moa_conn = new EnvelopingBase64MOAConnector(this.environment.getProfile());
xml_content = moa_conn.prepareXMLContent(data, so);
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java
index eeb242f..98d381a 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/connectors/moa/DetachedLocRefMOAConnector.java
@@ -37,7 +37,7 @@ public class DetachedLocRefMOAConnector implements Connector
/**
* The SIG_ID prefix.
*/
- //public static final String SIG_ID_PREFIX = "etsi-bku-detached@"; //$NON-NLS-1$
+ public static final String SIG_ID_PREFIX = "etsi-bku-detached@"; //$NON-NLS-1$
/**
* The log.
@@ -316,7 +316,7 @@ public class DetachedLocRefMOAConnector implements Connector
/**
* The configuration key of the sign request template.
*/
- protected static final String SIGN_REQUEST_TEMPLATE_KEY = "moa.sign.request.template"; //$NON-NLS-1$
+ protected static final String SIGN_REQUEST_TEMPLATE_KEY = "moa.sign.request.detached"; //$NON-NLS-1$
/**
* The configuration key of the sign URL.
@@ -326,12 +326,12 @@ public class DetachedLocRefMOAConnector implements Connector
/**
* The configuration key of the verify request template.
*/
- protected static final String VERIFY_REQUEST_TEMPLATE_KEY = "moa.verify.request.template"; //$NON-NLS-1$
+ protected static final String VERIFY_REQUEST_TEMPLATE_KEY = "moa.verify.request.detached"; //$NON-NLS-1$
/**
* The configuration key of the verify template.
*/
- protected static final String VERIFY_TEMPLATE_KEY = "moa.verify.request.template.keys"; //$NON-NLS-1$
+ protected static final String VERIFY_TEMPLATE_KEY = "moa.verify.template.detached"; //$NON-NLS-1$
/**
* The configuration key of the verify URL.
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/DetachedIdFormatter.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/DetachedIdFormatter.java
index f951b47..7220857 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/DetachedIdFormatter.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/DetachedIdFormatter.java
@@ -15,12 +15,13 @@ import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
*/
public class DetachedIdFormatter implements IdFormatter
{
- // last change: erno & arian; 16.07.2007 13:17
- public static final String DEFAULT_BKU_SIG_ID = "default.bku.signature.id";
/**
* The SIG_ID prefix.
+ * Default value: etsi-bka-1.0
*/
- public static String SIG_ID_PREFIX = null;
+ public static String SIG_ID_PREFIX = "etsi-bka-1.0"; //$NON-NLS-1$
+
+ public static final String SIG_ID_KEY = "default.bku.algorithm.id";
/**
* The log.
@@ -32,10 +33,13 @@ public class DetachedIdFormatter implements IdFormatter
*/
public String formatIds(String[] ids)
{
- // if SIG_ID_PREFIX null is, call read the config file and set the value from it
- if(SIG_ID_PREFIX == null)
- setPrefixId();
-
+ // read SIG_ID_PREFIX from config file
+ try {
+ SIG_ID_PREFIX = SettingsReader.getInstance().getValueFromKey(SIG_ID_KEY);
+ } catch (SettingsException e) {
+ e.printStackTrace();
+ }
+
// ids algorithm:
String join = ""; //$NON-NLS-1$
String base = null;
@@ -63,18 +67,5 @@ public class DetachedIdFormatter implements IdFormatter
String final_ids = SIG_ID_PREFIX + "@" + idstr;
return final_ids;
}
-
- /*
- * Read configuration from file and set it to global variable
- */
- public void setPrefixId()
- {
- try
- {
- SIG_ID_PREFIX = SettingsReader.getInstance().getValueFromKey(DEFAULT_BKU_SIG_ID);
- } catch (SettingsException e)
- {
- e.printStackTrace();
- }
- }
+
}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/DetachedLocRefMOAIdFormatter.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/DetachedLocRefMOAIdFormatter.java
index c1d831e..ec6d054 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/DetachedLocRefMOAIdFormatter.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/DetachedLocRefMOAIdFormatter.java
@@ -5,7 +5,6 @@ package at.knowcenter.wag.egov.egiz.sig.sigid;
import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
-import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory;
/**
* @author wprinz
@@ -13,31 +12,28 @@ import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory;
*/
public class DetachedLocRefMOAIdFormatter implements IdFormatter
{
- public static final String MOA_SIG_ID_KEY = "default.moa.signature.id";
+ /**
+ * The SIG_ID prefix.
+ * Default value: etsi-bka-moa-1.0
+ */
+ public static String SIG_ID_PREFIX = "etsi-bka-moa-1.0"; //$NON-NLS-1$
+ public static String SIG_ID_KEY = "default.moa.algorithm.id";
/**
* @see at.knowcenter.wag.egov.egiz.sig.sigid.IdFormatter#formatIds(java.lang.String[])
*/
public String formatIds(String[] ids)
{
- String sig_id_prefix = null;
+ String tmp = null;
- try
- {
- //FIXME make better
- //connector is hard coded since this method is called only when using MOA!
- boolean sig_id_visible = ConnectorFactory.needsSIG_ID("moa");
-
- if (sig_id_visible)
- {
- sig_id_prefix = SettingsReader.getInstance().getValueFromKey(MOA_SIG_ID_KEY);
- }
- } catch (SettingsException e)
- {
- e.printStackTrace();
- }
+ try {
+ tmp = SettingsReader.getInstance().getValueFromKey(SIG_ID_KEY);
+ if(tmp != null)
+ SIG_ID_PREFIX = tmp;
+ } catch (SettingsException e) {
+ e.printStackTrace();
+ }
- return sig_id_prefix;
+ return SIG_ID_PREFIX;
}
-
}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/OldMOAIdFormatter.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/OldMOAIdFormatter.java
index d4bd166..05f5db8 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/OldMOAIdFormatter.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigid/OldMOAIdFormatter.java
@@ -3,10 +3,6 @@
*/
package at.knowcenter.wag.egov.egiz.sig.sigid;
-import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
-import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
-import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory;
-
/**
* @author wprinz
*
@@ -14,31 +10,12 @@ import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory;
public class OldMOAIdFormatter implements IdFormatter
{
- public static final String MOA_SIG_ID_KEY = "default.moa.signature.id";
-
/**
* @see at.knowcenter.wag.egov.egiz.sig.sigid.IdFormatter#formatIds(java.lang.String[])
*/
public String formatIds(String[] ids)
{
- String sig_id_prefix = null;
-
- try
- {
- // FIXME make better
- //connector is hard coded since this method is called only when using MOA!
- boolean sig_id_visible = ConnectorFactory.needsSIG_ID("moa");
-
- if (sig_id_visible)
- {
- sig_id_prefix = SettingsReader.getInstance().getValueFromKey(MOA_SIG_ID_KEY);
- }
- } catch (SettingsException e)
- {
- e.printStackTrace();
- }
-
- return sig_id_prefix;
+ return null;
}
}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java
index 8a831bd..e751248 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/sig/sigkz/SigKZIDHelper.java
@@ -4,7 +4,6 @@
package at.knowcenter.wag.egov.egiz.sig.sigkz;
import at.knowcenter.wag.egov.egiz.PdfASID;
-import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
import at.knowcenter.wag.egov.egiz.exceptions.InvalidIDException;
import at.knowcenter.wag.egov.egiz.framework.SignatorFactory;
@@ -47,17 +46,22 @@ public final class SigKZIDHelper
return sig_id == null;
}
- // new signatures may or may not have the SIG_ID value
+ // :begin
+
if(sig_id == null)
return true;
+ if(sig_id.equals(""))
+ return true;
+
+ // :end
+
// new signature - sig_id decides
String [] ids = sig_id.split("@");
String prefix = ids[0];
- DetachedLocRefMOAIdFormatter moa_id_formater = new DetachedLocRefMOAIdFormatter();
-
- if (prefix.equals(moa_id_formater.formatIds(null)))
+ if (prefix.equals(DetachedLocRefMOAIdFormatter.SIG_ID_PREFIX))
+ //if(!prefix.equals(""))
{
return true;
}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java
index 287bc8e..e8443d7 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java
@@ -25,9 +25,6 @@ import java.util.Properties;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
import at.knowcenter.wag.egov.egiz.exceptions.ConnectorFactoryException;
import at.knowcenter.wag.egov.egiz.exceptions.NormalizeException;
import at.knowcenter.wag.egov.egiz.exceptions.PresentableException;
@@ -63,10 +60,6 @@ public abstract class LocalRequestHelper
* The resource of the redirect refresh page jsp.
*/
public static final String REDIRECT_REFRESH_PAGE_JSP = "/jsp/redirect_refresh_page.jsp";
-
-
- private static Log log = LogFactory.getLog(LocalRequestHelper.class);
-
/**
* Sets up the local sign procedure.
@@ -86,7 +79,6 @@ public abstract class LocalRequestHelper
String loc_ref_url = response.encodeURL(loc_ref_URL.toString());
LocalConnector c = ConnectorChooser.chooseLocalConnectorForSign(si.connector, si.type, loc_ref_url);
-
String sign_request = c.prepareSignRequest(si.iui.signature_data);
// TODO local URL
@@ -199,7 +191,6 @@ public abstract class LocalRequestHelper
SignSignatureObject so = SignatureObjectHelper.convertSignatureObjectToSignSignatureObject(s);
LocalConnector local_conn = ConnectorChooser.chooseLocalConnectorForVerify(si.connector, s.getKZ(), so.id, si.type, loc_ref_url);
-
String request_string = local_conn.prepareVerifyRequest(sd, so);
LocalRequest local_request = new LocalRequest("not-needed", request_string);
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java
index cbc4e06..402170c 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java
@@ -3,9 +3,7 @@
*/
package at.knowcenter.wag.egov.egiz.web.servlets;
-import java.io.ByteArrayInputStream;
import java.io.IOException;
-import java.io.InputStream;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
@@ -93,18 +91,7 @@ public class RetrieveSignatureDataServlet extends HttpServlet
response.setContentType(sd.getMimeType());
response.setCharacterEncoding(sd.getCharacterEncoding());
- //response.getOutputStream().write(sd.getData());
-
- //::::
- InputStream is = new ByteArrayInputStream(sd.getData());
- final int bufferSize = 1024;
- byte[] buffer = new byte[bufferSize];
- int len = -1;
- while ((len = is.read(buffer)) != -1) {
- response.getOutputStream().write(buffer, 0, len);
- }
- response.getOutputStream().flush();
- //::::
+ response.getOutputStream().write(sd.getData());
log.debug("Writing SignatureData finished."); //$NON-NLS-1$
}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java
index 1ab89ed..3a79939 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java
@@ -561,7 +561,7 @@ public class VerifyPreviewServlet extends HttpServlet
URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData");
String loc_ref_url = response.encodeURL(loc_ref_URL.toString());
- List results = PdfAS.verifySignatureHoldersWeb(holders_to_verify, si, loc_ref_url);
+ List results = PdfAS.verifySignatureHoldersWeb(holders_to_verify, si.connector, loc_ref_url);
boolean backbutton = true;
if (verify_which >= 0)
{
@@ -697,7 +697,7 @@ public class VerifyPreviewServlet extends HttpServlet
URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData");
String loc_ref_url = response.encodeURL(loc_ref_URL.toString());
- List results = PdfAS.verifySignatureHoldersWeb(holders_to_verify, si, loc_ref_url);
+ List results = PdfAS.verifySignatureHoldersWeb(holders_to_verify, si.connector, loc_ref_url);
dispatchToResults(results, request, response, true);
}
catch (FileUploadException e)
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java
index a85b31f..ba740d0 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java
@@ -105,13 +105,15 @@ public class VerifyServlet extends HttpServlet
si.mode = null;
si.pdf = null;
si.type = null;
- si.user_name = null;
+ si.user_name = null;
si.user_password = null;
si.signature_holders = signature_holders;
request.getSession().setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION, si);
-
+ System.out.println("\n\n-----------------------------------------------------------------------");
+ System.out.println();
+ System.out.println("-----------------------------------------------------------------------\n\n");
if (ud.preview)
{
dispatch(request, response, "/jsp/verifylist.jsp");
@@ -131,7 +133,7 @@ public class VerifyServlet extends HttpServlet
URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData");
String loc_ref_url = response.encodeURL(loc_ref_URL.toString());
- List results = PdfAS.verifySignatureHoldersWeb(signature_holders, si, loc_ref_url);
+ List results = PdfAS.verifySignatureHoldersWeb(signature_holders, si.connector, loc_ref_url);
dispatchToResults(results, request, response);
}
diff --git a/work/cfg/config.properties b/work/cfg/config.properties
index 0afd46b..2d8a2e3 100644
--- a/work/cfg/config.properties
+++ b/work/cfg/config.properties
@@ -5,18 +5,6 @@
#############################################
-# changed by erno 13.07.2007 14:38
-# last update: by erno & arian 16.07.2007 08:53
-
-# Der aktuellste Algorithmus
-default.bku.signature.id=etsi-bka-1.0
-default.moa.signature.id=etsi-bka-1.0
-# MOA Signatur-Kennzeichnung vorhanden
-moa.sign.id.active=false
-# MOA Detached-Signieren aus Konsole (Commandline) verfügbar
-moa.sign.cmd.detached=false
-
-#############################################
# Applikationseinstellungen
normalizer.version=V01
@@ -34,6 +22,19 @@ allow_post_sign_modifications=false
#
check_old_textual_sigs=true
+
+# BKU Algorithm - Kennzeichnung
+default.bku.algorithm.id=etsi-bka-1.0
+
+# MOA Algorithm - Kennzeichnung
+default.moa.algorithm.id=etsi-bka-moa-1.0
+
+# MOA Detached Signieren aus Konsole möglich - zurzeit möglich nur mit BKU
+moa.sign.console.detached.enabled=false
+
+# MOA Kennzeichnungsfeld anzeigen
+moa.id.field.visible=true
+
#############################################
# Signaturdienste
@@ -43,16 +44,15 @@ bku.available_for_commandline=true
bku.sign.url=http://127.0.0.1:3495/http-security-layer-request
bku.sign.KeyboxIdentifier=SecureSignatureKeypair
bku.sign.request.base64=./templates/BKUSignRequestBase64.xml
-bku.sign.request.template=./templates/bku.etsi-bka-1.0.sign.xml
+bku.sign.request.detached=./templates/BKUSignRequestDetached.xml
bku.verify.url=http://127.0.0.1:3495/http-security-layer-request
-bku.verify.request.template.keys=./templates/bku.etsi-bka-1.0.verify.template.keys.xml
-bku.verify.request.template=./templates/bku.etsi-bka-1.0.verify.template.xml
-
-# alte Templates
bku.verify.request.base64=./templates/BKUVerifyRequestBase64.xml
+bku.verify.request.detached=./templates/BKUVerifyRequestDetached.xml
bku.verify.template.base64old=./templates/BKUVerifyTemplateBase64old.xml
bku.verify.template.base64=./templates/BKUVerifyTemplateBase64.xml
+bku.verify.template.detached=./templates/BKUVerifyTemplateDetached.xml
+
a1.available_for_web=false
a1.available_for_commandline=false
@@ -73,16 +73,14 @@ moa.available_for_commandline=true
moa.sign.url=http://127.0.0.1:18080/moa-spss/services/SignatureCreation
moa.sign.KeyIdentifier=TestKey2
moa.sign.request.base64=./templates/MOASignRequestBase64.xml
-moa.sign.request.template=./templates/moa.etsi-bka-1.0.sign.xml
+moa.sign.request.detached=./templates/MOASignRequestDetached.xml
moa.verify.url=http://127.0.0.1:18080/moa-spss/services/SignatureVerification
-moa.verify.request.template=./templates/moa.etsi-bka-1.0.verify.template.xml
-moa.verify.request.template.keys=./templates/moa.etsi-bka-1.0.verify.template.keys.xml
-
-# alte Templates
moa.verify.TrustProfileID=Test-Signaturdienste
moa.verify.request.base64=./templates/old/MOAVerifyRequest.xml
-moa.verify.template.base64=./templates/MOAVerifyTemplateBase64.xml
+moa.verify.request.detached=./templates/MOAVerifyRequestDetached.xml
+moa.verify.template.base64=./templates/old/MOAVerifyTemplateBase64.xml
+moa.verify.template.detached=./templates/MOAVerifyTemplateDetached.xml
#############################################
diff --git a/work/templates/bku.etsi-bka-1.0.verify.request_.xml b/work/templates/bku.etsi-bka-1.0.verify.request_.xml
new file mode 100644
index 0000000..6ddefa3
--- /dev/null
+++ b/work/templates/bku.etsi-bka-1.0.verify.request_.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl:VerifyXMLSignatureRequest xmlns:sl="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+<sl:SignatureInfo>
+<sl:SignatureEnvironment>
+<sl:XMLContent>XMLContentReplace</sl:XMLContent>
+</sl:SignatureEnvironment>
+<sl:SignatureLocation>/dsig:Signature</sl:SignatureLocation>
+</sl:SignatureInfo>
+<sl:Supplement>
+<sl:Content Reference="urn:Document">
+<sl:LocRefContent>LocRefContentReplace</sl:LocRefContent>
+</sl:Content>
+</sl:Supplement>
+</sl:VerifyXMLSignatureRequest> \ No newline at end of file
diff --git a/work/templates/bku.etsi-bka-1.0.verify.template_.xml b/work/templates/bku.etsi-bka-1.0.verify.template_.xml
new file mode 100644
index 0000000..19a2c1c
--- /dev/null
+++ b/work/templates/bku.etsi-bka-1.0.verify.template_.xml
@@ -0,0 +1,13 @@
+<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="signature-SigIdReplace">
+<dsig:SignedInfo>
+<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+<dsig:SignatureMethod Algorithm="CertAlgReplace"/>
+<dsig:Reference Id="signed-data-reference-SigDataRefReplace" URI="urn:Document">
+<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+<dsig:DigestValue>DigestValueSignedDataReplace</dsig:DigestValue>
+</dsig:Reference>
+<dsig:Reference Id="etsi-data-reference-EtsiDataRefReplace" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('etsi-data-object-EtsiDataObjURIReplace')/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>DigestValueSignedPropertiesReplace</dsig:DigestValue></dsig:Reference></dsig:SignedInfo>
+<dsig:SignatureValue>SignatureValueReplace</dsig:SignatureValue>
+<dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>X509CertificateReplace</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>
+<dsig:Object Id="etsi-data-object-EtsiDataObjURIReplace"><etsi:QualifyingProperties xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" Target="#signature-SigIdReplace"><etsi:SignedProperties xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedSignatureProperties><etsi:SigningTime>SigningTimeReplace</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></etsi:DigestMethod><etsi:DigestValue>DigestValueX509CertificateReplace</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>X509IssuerNameReplace</dsig:X509IssuerName><dsig:X509SerialNumber>X509SerialNumberReplace</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied></etsi:SignaturePolicyImplied></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#signed-data-reference-SigDataRefReplace"><etsi:MimeType>MimeTypeReplace</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object>
+</dsig:Signature> \ No newline at end of file
diff --git a/work/templates/default.bku.sign.detached.xml b/work/templates/default.bku.sign.detached.xml
new file mode 100644
index 0000000..c00e05b
--- /dev/null
+++ b/work/templates/default.bku.sign.detached.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl:CreateXMLSignatureRequest xmlns:sl="http://www.buergerkarte.at/namespaces/securitylayer/1.2#">
+<sl:KeyboxIdentifier>KeyboxIdentifierReplace</sl:KeyboxIdentifier>
+<sl:DataObjectInfo Structure="detached">
+<sl:DataObject Reference="urn:Document"/>
+<sl:TransformsInfo>
+<sl:FinalDataMetaInfo>
+<sl:MimeType>MimeTypeReplace</sl:MimeType>
+</sl:FinalDataMetaInfo>
+</sl:TransformsInfo>
+<sl:Supplement>
+<sl:Content Reference="urn:Document">
+<sl:LocRefContent>LocRefContentReplace</sl:LocRefContent>
+</sl:Content>
+</sl:Supplement>
+</sl:DataObjectInfo>
+</sl:CreateXMLSignatureRequest> \ No newline at end of file
diff --git a/work/templates/default.bku.sign.enveloping.xml b/work/templates/default.bku.sign.enveloping.xml
new file mode 100644
index 0000000..4cebb0e
--- /dev/null
+++ b/work/templates/default.bku.sign.enveloping.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl:CreateXMLSignatureRequest xmlns:sl="http://www.buergerkarte.at/namespaces/securitylayer/1.2#">
+<sl:KeyboxIdentifier>KeyboxIdentifierReplace</sl:KeyboxIdentifier>
+<sl:DataObjectInfo Structure="enveloping">
+<sl:DataObject>
+<sl:Base64Content>Base64ContentReplace</sl:Base64Content>
+</sl:DataObject>
+<sl:TransformsInfo>
+<sl:FinalDataMetaInfo>
+<sl:MimeType>text/plain</sl:MimeType>
+</sl:FinalDataMetaInfo>
+</sl:TransformsInfo>
+</sl:DataObjectInfo>
+</sl:CreateXMLSignatureRequest> \ No newline at end of file
diff --git a/work/templates/default.bku.verify.request.detached.xml b/work/templates/default.bku.verify.request.detached.xml
new file mode 100644
index 0000000..6ddefa3
--- /dev/null
+++ b/work/templates/default.bku.verify.request.detached.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl:VerifyXMLSignatureRequest xmlns:sl="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+<sl:SignatureInfo>
+<sl:SignatureEnvironment>
+<sl:XMLContent>XMLContentReplace</sl:XMLContent>
+</sl:SignatureEnvironment>
+<sl:SignatureLocation>/dsig:Signature</sl:SignatureLocation>
+</sl:SignatureInfo>
+<sl:Supplement>
+<sl:Content Reference="urn:Document">
+<sl:LocRefContent>LocRefContentReplace</sl:LocRefContent>
+</sl:Content>
+</sl:Supplement>
+</sl:VerifyXMLSignatureRequest> \ No newline at end of file
diff --git a/work/templates/default.bku.verify.request.enveloping.xml b/work/templates/default.bku.verify.request.enveloping.xml
new file mode 100644
index 0000000..e232e51
--- /dev/null
+++ b/work/templates/default.bku.verify.request.enveloping.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl:VerifyXMLSignatureRequest xmlns:sl="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+<sl:SignatureInfo>
+<sl:SignatureEnvironment>
+<sl:XMLContent>XMLContentReplace</sl:XMLContent>
+</sl:SignatureEnvironment>
+<sl:SignatureLocation>/dsig:Signature</sl:SignatureLocation>
+</sl:SignatureInfo>
+</sl:VerifyXMLSignatureRequest> \ No newline at end of file
diff --git a/work/templates/default.bku.verify.template.detached.xml b/work/templates/default.bku.verify.template.detached.xml
new file mode 100644
index 0000000..19a2c1c
--- /dev/null
+++ b/work/templates/default.bku.verify.template.detached.xml
@@ -0,0 +1,13 @@
+<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="signature-SigIdReplace">
+<dsig:SignedInfo>
+<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+<dsig:SignatureMethod Algorithm="CertAlgReplace"/>
+<dsig:Reference Id="signed-data-reference-SigDataRefReplace" URI="urn:Document">
+<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+<dsig:DigestValue>DigestValueSignedDataReplace</dsig:DigestValue>
+</dsig:Reference>
+<dsig:Reference Id="etsi-data-reference-EtsiDataRefReplace" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('etsi-data-object-EtsiDataObjURIReplace')/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>DigestValueSignedPropertiesReplace</dsig:DigestValue></dsig:Reference></dsig:SignedInfo>
+<dsig:SignatureValue>SignatureValueReplace</dsig:SignatureValue>
+<dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>X509CertificateReplace</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>
+<dsig:Object Id="etsi-data-object-EtsiDataObjURIReplace"><etsi:QualifyingProperties xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" Target="#signature-SigIdReplace"><etsi:SignedProperties xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedSignatureProperties><etsi:SigningTime>SigningTimeReplace</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></etsi:DigestMethod><etsi:DigestValue>DigestValueX509CertificateReplace</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>X509IssuerNameReplace</dsig:X509IssuerName><dsig:X509SerialNumber>X509SerialNumberReplace</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied></etsi:SignaturePolicyImplied></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#signed-data-reference-SigDataRefReplace"><etsi:MimeType>MimeTypeReplace</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object>
+</dsig:Signature> \ No newline at end of file
diff --git a/work/templates/default.bku.verify.template.enveloping.old.xml b/work/templates/default.bku.verify.template.enveloping.old.xml
new file mode 100644
index 0000000..f1d04db
--- /dev/null
+++ b/work/templates/default.bku.verify.template.enveloping.old.xml
@@ -0,0 +1,6 @@
+<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="signature-SigIdReplace"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="CertAlgReplace"/><dsig:Reference Id="signed-data-reference-SigDataRefReplace" URI="#signed-data-object-SigDataObjURIReplace"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xpf:XPath xmlns:xpf="http://www.w3.org/2002/06/xmldsig-filter2" Filter="intersect">id('signed-data-object-SigDataObjURIReplace')/node()</xpf:XPath></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>DigestValueSignedDataReplace</dsig:DigestValue></dsig:Reference><dsig:Reference Id="etsi-data-reference-EtsiDataRefReplace" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#etsi-data-object-EtsiDataObjURIReplace"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xpf:XPath xmlns:xpf="http://www.w3.org/2002/06/xmldsig-filter2" Filter="intersect">id('etsi-data-object-EtsiDataObjURIReplace')/node()</xpf:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>DigestValueSignedPropertiesReplace</dsig:DigestValue></dsig:Reference></dsig:SignedInfo>
+<dsig:SignatureValue>SignatureValueReplace</dsig:SignatureValue>
+<dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>X509CertificateReplace</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>
+<dsig:Object Id="signed-data-object-SigDataObjURIReplace"><sl:Base64Content>Base64ContentReplace</sl:Base64Content></dsig:Object>
+<dsig:Object Id="etsi-data-object-EtsiDataObjURIReplace"><etsi:QualifyingProperties xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" Target="#signature-SigIdReplace"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>SigningTimeReplace</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></etsi:DigestMethod><etsi:DigestValue>DigestValueX509CertificateReplace</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>X509IssuerNameReplace</dsig:X509IssuerName><dsig:X509SerialNumber>X509SerialNumberReplace</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied></etsi:SignaturePolicyImplied></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#signed-data-reference-SigDataRefReplace"><etsi:MimeType>text/plain</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object>
+</dsig:Signature> \ No newline at end of file
diff --git a/work/templates/default.bku.verify.template.enveloping.xml b/work/templates/default.bku.verify.template.enveloping.xml
new file mode 100644
index 0000000..bd30d70
--- /dev/null
+++ b/work/templates/default.bku.verify.template.enveloping.xml
@@ -0,0 +1,6 @@
+<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="signature-SigIdReplace"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="CertAlgReplace"/><dsig:Reference Id="signed-data-reference-SigDataRefReplace" URI="#signed-data-object-SigDataObjURIReplace"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xpf:XPath xmlns:xpf="http://www.w3.org/2002/06/xmldsig-filter2" Filter="intersect">id('signed-data-object-SigDataObjURIReplace')/node()</xpf:XPath></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>DigestValueSignedDataReplace</dsig:DigestValue></dsig:Reference><dsig:Reference Id="etsi-data-reference-EtsiDataRefReplace" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('etsi-data-object-EtsiDataObjURIReplace')/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>DigestValueSignedPropertiesReplace</dsig:DigestValue></dsig:Reference></dsig:SignedInfo>
+<dsig:SignatureValue>SignatureValueReplace</dsig:SignatureValue>
+<dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>X509CertificateReplace</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>
+<dsig:Object Id="signed-data-object-SigDataObjURIReplace"><dsig:Base64Content>Base64ContentReplace</dsig:Base64Content></dsig:Object>
+<dsig:Object Id="etsi-data-object-EtsiDataObjURIReplace"><etsi:QualifyingProperties xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" Target="#signature-SigIdReplace"><etsi:SignedProperties xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedSignatureProperties><etsi:SigningTime>SigningTimeReplace</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></etsi:DigestMethod><etsi:DigestValue>DigestValueX509CertificateReplace</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>X509IssuerNameReplace</dsig:X509IssuerName><dsig:X509SerialNumber>X509SerialNumberReplace</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied></etsi:SignaturePolicyImplied></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#signed-data-reference-SigDataRefReplace"><etsi:MimeType>text/plain</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object>
+</dsig:Signature> \ No newline at end of file
diff --git a/work/templates/default.moa.sign.detached.xml b/work/templates/default.moa.sign.detached.xml
new file mode 100644
index 0000000..4bf42cf
--- /dev/null
+++ b/work/templates/default.moa.sign.detached.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<CreateXMLSignatureRequest xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+<KeyIdentifier>KeyIdentifierReplace</KeyIdentifier>
+<SingleSignatureInfo SecurityLayerConformity="true">
+<DataObjectInfo Structure="detached">
+<DataObject Reference="urn:Document">
+ <LocRefContent>LocRefContentReplace</LocRefContent>
+</DataObject>
+<CreateTransformsInfoProfile>
+<CreateTransformsInfo>
+<FinalDataMetaInfo>
+<MimeType>MimeTypeReplace</MimeType>
+</FinalDataMetaInfo>
+</CreateTransformsInfo>
+</CreateTransformsInfoProfile>
+</DataObjectInfo>
+</SingleSignatureInfo>
+</CreateXMLSignatureRequest>
+
diff --git a/work/templates/default.moa.sign.enveloping.xml b/work/templates/default.moa.sign.enveloping.xml
new file mode 100644
index 0000000..3c08c9e
--- /dev/null
+++ b/work/templates/default.moa.sign.enveloping.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<CreateXMLSignatureRequest xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+<KeyIdentifier>KeyIdentifierReplace</KeyIdentifier>
+<SingleSignatureInfo SecurityLayerConformity="true">
+<DataObjectInfo Structure="enveloping">
+<DataObject>
+<Base64Content>Base64ContentReplace</Base64Content>
+</DataObject>
+<CreateTransformsInfoProfile>
+<CreateTransformsInfo>
+<FinalDataMetaInfo>
+<MimeType>text/plain</MimeType>
+</FinalDataMetaInfo>
+</CreateTransformsInfo>
+</CreateTransformsInfoProfile>
+</DataObjectInfo>
+</SingleSignatureInfo>
+</CreateXMLSignatureRequest>
+
diff --git a/work/templates/default.moa.verify.request.detached.xml b/work/templates/default.moa.verify.request.detached.xml
new file mode 100644
index 0000000..b544c5c
--- /dev/null
+++ b/work/templates/default.moa.verify.request.detached.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<VerifyXMLSignatureRequest xmlns:sl="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <VerifySignatureInfo>
+ <VerifySignatureEnvironment>
+ <XMLContent>XMLContentReplace</XMLContent>
+ </VerifySignatureEnvironment>
+ <VerifySignatureLocation xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">/dsig:Signature</VerifySignatureLocation>
+ </VerifySignatureInfo>
+ <SupplementProfile>
+ <Content Reference="urn:Document">
+ <LocRefContent>LocRefContentReplace</LocRefContent>
+ </Content>
+ </SupplementProfile>
+ <TrustProfileID>TrustProfileIDReplace</TrustProfileID>
+</VerifyXMLSignatureRequest> \ No newline at end of file
diff --git a/work/templates/default.moa.verify.request.enveloping.xml b/work/templates/default.moa.verify.request.enveloping.xml
new file mode 100644
index 0000000..04c6863
--- /dev/null
+++ b/work/templates/default.moa.verify.request.enveloping.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<VerifyXMLSignatureRequest xmlns:sl="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#">
+<VerifySignatureInfo>
+<VerifySignatureEnvironment>
+<XMLContent>XMLContentReplace</XMLContent>
+</VerifySignatureEnvironment>
+<VerifySignatureLocation xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">/dsig:Signature</VerifySignatureLocation>
+</VerifySignatureInfo>
+<TrustProfileID>TrustProfileIDReplace</TrustProfileID>
+</VerifyXMLSignatureRequest> \ No newline at end of file
diff --git a/work/templates/default.moa.verify.template.detached.xml b/work/templates/default.moa.verify.template.detached.xml
new file mode 100644
index 0000000..d206bc9
--- /dev/null
+++ b/work/templates/default.moa.verify.template.detached.xml
@@ -0,0 +1 @@
+<dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="CertAlgReplace"/><dsig:Reference Id="reference-1-1" URI="urn:Document"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>DigestValueSignedDataReplace</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id(&apos;etsi-signed-1-1&apos;)/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>DigestValueSignedPropertiesReplace</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>SignatureValueReplace</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>X509CertificateReplace</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="etsi-signed-1-1"><etsi:QualifyingProperties Target="#signature-1-1" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedSignatureProperties><etsi:SigningTime>SigningTimeReplace</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></etsi:DigestMethod><etsi:DigestValue>DigestValueX509CertificateReplace</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>X509IssuerNameReplace</dsig:X509IssuerName><dsig:X509SerialNumber>X509SerialNumberReplace</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied></etsi:SignaturePolicyImplied></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-1-1"><etsi:MimeType>MimeTypeReplace</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature> \ No newline at end of file
diff --git a/work/templates/default.moa.verify.template.enveloping.xml b/work/templates/default.moa.verify.template.enveloping.xml
new file mode 100644
index 0000000..6811ed1
--- /dev/null
+++ b/work/templates/default.moa.verify.template.enveloping.xml
@@ -0,0 +1,11 @@
+<dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+<dsig:SignedInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="CertAlgReplace"/><dsig:Reference Id="reference-1-1" URI="#xpointer(id('signed-data-1-1-1')/node())"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64"></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>DigestValueSignedDataReplace</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('etsi-signed-1-1')/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>DigestValueSignedPropertiesReplace</dsig:DigestValue></dsig:Reference></dsig:SignedInfo>
+<dsig:SignatureValue>SignatureValueReplace</dsig:SignatureValue>
+<dsig:KeyInfo>
+<dsig:X509Data>
+<dsig:X509Certificate>X509CertificateReplace</dsig:X509Certificate>
+</dsig:X509Data>
+</dsig:KeyInfo>
+<dsig:Object Id="signed-data-1-1-1"><Base64Content>Base64ContentReplace</Base64Content></dsig:Object>
+<dsig:Object Id="etsi-signed-1-1"><etsi:QualifyingProperties Target="#signature-1-1" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedSignatureProperties><etsi:SigningTime>SigningTimeReplace</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></etsi:DigestMethod><etsi:DigestValue>DigestValueX509CertificateReplace</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>X509IssuerNameReplace</dsig:X509IssuerName><dsig:X509SerialNumber>X509SerialNumberReplace</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied></etsi:SignaturePolicyImplied></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-1-1"><etsi:MimeType>text/plain</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object>
+</dsig:Signature> \ No newline at end of file
diff --git a/work/templates/moa.etsi-bka-moa-1.0.sign_.xml b/work/templates/moa.etsi-bka-moa-1.0.sign_.xml
new file mode 100644
index 0000000..4bf42cf
--- /dev/null
+++ b/work/templates/moa.etsi-bka-moa-1.0.sign_.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<CreateXMLSignatureRequest xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+<KeyIdentifier>KeyIdentifierReplace</KeyIdentifier>
+<SingleSignatureInfo SecurityLayerConformity="true">
+<DataObjectInfo Structure="detached">
+<DataObject Reference="urn:Document">
+ <LocRefContent>LocRefContentReplace</LocRefContent>
+</DataObject>
+<CreateTransformsInfoProfile>
+<CreateTransformsInfo>
+<FinalDataMetaInfo>
+<MimeType>MimeTypeReplace</MimeType>
+</FinalDataMetaInfo>
+</CreateTransformsInfo>
+</CreateTransformsInfoProfile>
+</DataObjectInfo>
+</SingleSignatureInfo>
+</CreateXMLSignatureRequest>
+
diff --git a/work/templates/moa.etsi-bka-moa-1.0.verify.request_.xml b/work/templates/moa.etsi-bka-moa-1.0.verify.request_.xml
new file mode 100644
index 0000000..b544c5c
--- /dev/null
+++ b/work/templates/moa.etsi-bka-moa-1.0.verify.request_.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<VerifyXMLSignatureRequest xmlns:sl="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <VerifySignatureInfo>
+ <VerifySignatureEnvironment>
+ <XMLContent>XMLContentReplace</XMLContent>
+ </VerifySignatureEnvironment>
+ <VerifySignatureLocation xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">/dsig:Signature</VerifySignatureLocation>
+ </VerifySignatureInfo>
+ <SupplementProfile>
+ <Content Reference="urn:Document">
+ <LocRefContent>LocRefContentReplace</LocRefContent>
+ </Content>
+ </SupplementProfile>
+ <TrustProfileID>TrustProfileIDReplace</TrustProfileID>
+</VerifyXMLSignatureRequest> \ No newline at end of file
diff --git a/work/templates/moa.etsi-bka-moa-1.0.verify.template_.xml b/work/templates/moa.etsi-bka-moa-1.0.verify.template_.xml
new file mode 100644
index 0000000..d206bc9
--- /dev/null
+++ b/work/templates/moa.etsi-bka-moa-1.0.verify.template_.xml
@@ -0,0 +1 @@
+<dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="CertAlgReplace"/><dsig:Reference Id="reference-1-1" URI="urn:Document"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>DigestValueSignedDataReplace</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id(&apos;etsi-signed-1-1&apos;)/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>DigestValueSignedPropertiesReplace</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>SignatureValueReplace</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>X509CertificateReplace</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="etsi-signed-1-1"><etsi:QualifyingProperties Target="#signature-1-1" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedSignatureProperties><etsi:SigningTime>SigningTimeReplace</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></etsi:DigestMethod><etsi:DigestValue>DigestValueX509CertificateReplace</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>X509IssuerNameReplace</dsig:X509IssuerName><dsig:X509SerialNumber>X509SerialNumberReplace</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied></etsi:SignaturePolicyImplied></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-1-1"><etsi:MimeType>MimeTypeReplace</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature> \ No newline at end of file