sepafm 0.1.3 → 0.1.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (45) hide show
  1. checksums.yaml +4 -4
  2. data/lib/sepa/application_request.rb +1 -1
  3. data/lib/sepa/application_response.rb +15 -16
  4. data/lib/sepa/attribute_checks.rb +18 -25
  5. data/lib/sepa/banks/danske/danske_response.rb +65 -8
  6. data/lib/sepa/banks/danske/soap_danske.rb +1 -1
  7. data/lib/sepa/banks/nordea/nordea_response.rb +11 -0
  8. data/lib/sepa/certificates/danske_root_certificate.cer +25 -0
  9. data/lib/sepa/client.rb +35 -29
  10. data/lib/sepa/error_messages.rb +11 -0
  11. data/lib/sepa/response.rb +42 -20
  12. data/lib/sepa/soap_builder.rb +20 -38
  13. data/lib/sepa/utilities.rb +36 -11
  14. data/lib/sepa/version.rb +1 -1
  15. data/lib/sepafm.rb +10 -1
  16. data/readme.md +64 -28
  17. data/test/sepa/banks/danske/danske_cert_response_test.rb +41 -4
  18. data/test/sepa/banks/danske/danske_cert_soap_builder_test.rb +1 -1
  19. data/test/sepa/banks/danske/danske_generic_soap_builder_test.rb +6 -17
  20. data/test/sepa/banks/danske/danske_response_test.rb +97 -0
  21. data/test/sepa/banks/danske/keys/bank_encryption_cert.pem +17 -17
  22. data/test/sepa/banks/danske/keys/bank_signing_cert.pem +17 -17
  23. data/test/sepa/banks/danske/responses/create_cert.xml +14 -14
  24. data/test/sepa/banks/danske/responses/download_file_list.xml +42 -0
  25. data/test/sepa/banks/danske/responses/get_bank_cert.xml +14 -36
  26. data/test/sepa/banks/danske/responses/get_bank_certificate_not_ok.xml +2 -0
  27. data/test/sepa/banks/nordea/nordea_application_request_test.rb +3 -5
  28. data/test/sepa/banks/nordea/nordea_application_response_test.rb +25 -30
  29. data/test/sepa/banks/nordea/nordea_generic_soap_builder_test.rb +2 -2
  30. data/test/sepa/banks/nordea/nordea_response_test.rb +83 -17
  31. data/test/sepa/banks/nordea/responses/df_ktl.xml +20 -44
  32. data/test/sepa/banks/nordea/responses/dfl.xml +7 -6
  33. data/test/sepa/banks/nordea/responses/download_file_list_no_content.xml +21 -0
  34. data/test/sepa/banks/nordea/responses/gc.xml +21 -49
  35. data/test/sepa/banks/nordea/responses/invalid/body_altered.xml +21 -0
  36. data/test/sepa/banks/nordea/responses/invalid/timestamp_altered.xml +21 -0
  37. data/test/sepa/banks/nordea/responses/not_ok_response_code.xml +21 -0
  38. data/test/sepa/banks/nordea/responses/uf.xml +7 -6
  39. data/test/sepa/client_test.rb +134 -35
  40. data/test/sepa/fixtures.rb +8 -8
  41. data/test/sepa/sepa_test.rb +1 -1
  42. data/test/test_helper.rb +5 -1
  43. metadata +18 -6
  44. data/test/sepa/banks/nordea/responses/gbc.xml +0 -15
  45. /data/{test/sepa/banks/nordea/keys/root_cert.cer → lib/sepa/certificates/nordea_root_certificate.cer} +0 -0
data/lib/sepa/utilities.rb CHANGED
@@ -46,6 +46,8 @@ module Sepa
46
46
  def extract_cert(doc, node, namespace)
47
47
  cert_raw = doc.at("xmlns|#{node}", 'xmlns' => namespace)
48
48
 
49
+ return nil unless cert_raw
50
+
49
51
  cert_raw = cert_raw.content.gsub(/\s+/, "")
50
52
 
51
53
  cert = process_cert_value(cert_raw)
@@ -93,17 +95,6 @@ module Sepa
93
95
  xml_doc(File.open(path))
94
96
  end
95
97
 
96
- # Checks that the certificate in the application response is signed with the
97
- # private key of the public key of the certificate as parameter.
98
- def cert_is_trusted(root_cert)
99
- if root_cert.subject == certificate.issuer
100
- # Return true or false
101
- certificate.verify(root_cert.public_key)
102
- else
103
- fail SecurityError, "false"
104
- end
105
- end
106
-
107
98
  def iso_time
108
99
  @iso_time ||= Time.now.utc.iso8601
109
100
  end
@@ -147,5 +138,39 @@ module Sepa
147
138
  OpenSSL::PKey::RSA.new key_as_string
148
139
  end
149
140
 
141
+ def set_node_id(document, namespace, node, position)
142
+ node_id = "#{node.downcase}-#{SecureRandom.uuid}"
143
+ document.at("xmlns|#{node}", xmlns: namespace)['wsu:Id'] = node_id
144
+ @header_template.css('dsig|Reference')[position]['URI'] = "##{node_id}"
145
+
146
+ node_id
147
+ end
148
+
149
+ def validate_signature(doc, certificate, canonicalization_method)
150
+ node = doc.at('xmlns|SignedInfo', xmlns: DSIG)
151
+
152
+ return false unless node
153
+
154
+ node = case canonicalization_method
155
+ when :normal
156
+ node.canonicalize
157
+ when :exclusive
158
+ canonicalize_exclusively node
159
+ end
160
+
161
+ signature = doc.at('xmlns|SignatureValue', xmlns: DSIG).content
162
+ signature = decode(signature)
163
+
164
+ # Return true or false
165
+ certificate.public_key.verify(OpenSSL::Digest::SHA1.new, signature, node)
166
+ end
167
+
168
+ def verify_certificate_against_root_certificate(certificate, root_certificate)
169
+ return false unless certificate && root_certificate
170
+ return false unless root_certificate.subject == certificate.issuer
171
+
172
+ certificate.verify(root_certificate.public_key)
173
+ end
174
+
150
175
  end
151
176
  end
data/lib/sepa/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Sepa
2
- VERSION = "0.1.3"
2
+ VERSION = "0.1.4"
3
3
  end
data/lib/sepafm.rb CHANGED
@@ -26,6 +26,13 @@ SCHEMA_FILE = "#{ROOT_PATH}/lib/sepa/xml_schemas/wsdl.xml"
26
26
  AR_TEMPLATE_PATH = "#{ROOT_PATH}/lib/sepa/xml_templates/application_request"
27
27
  SOAP_TEMPLATE_PATH = "#{ROOT_PATH}/lib/sepa/xml_templates/soap"
28
28
 
29
+ # Certificates
30
+ CERTIFICATE_PATH = "#{ROOT_PATH}/lib/sepa/certificates/"
31
+ nordea_root_certificate_string = File.read("#{CERTIFICATE_PATH}nordea_root_certificate.cer")
32
+ NORDEA_ROOT_CERTIFICATE = OpenSSL::X509::Certificate.new nordea_root_certificate_string
33
+ danske_root_certificate_string = File.read("#{CERTIFICATE_PATH}danske_root_certificate.cer")
34
+ DANSKE_ROOT_CERTIFICATE = OpenSSL::X509::Certificate.new danske_root_certificate_string
35
+
29
36
  # Common XML namespaces
30
37
  DSIG = 'http://www.w3.org/2000/09/xmldsig#'
31
38
  OASIS_UTILITY = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'
@@ -33,10 +40,12 @@ OASIS_SECEXT = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecuri
33
40
  XML_DATA = 'http://bxd.fi/xmldata/'
34
41
  BXD = 'http://model.bxd.fi'
35
42
  XMLENC = 'http://www.w3.org/2001/04/xmlenc#'
43
+ ENVELOPE = 'http://schemas.xmlsoap.org/soap/envelope/'
36
44
 
37
45
  # Nordea XML namespaces
38
46
  NORDEA_PKI = 'http://bxd.fi/CertificateService'
39
47
  NORDEA_XML_DATA = 'http://filetransfer.nordea.com/xmldata/'
40
48
 
41
49
  # Danske XML namespaces
42
- DANSKE_PKI = 'http://danskebank.dk/PKI/PKIFactoryService/elements'
50
+ DANSKE_PKI = 'http://danskebank.dk/PKI/PKIFactoryService/elements'
51
+ DANSKE_PKIF = 'http://danskebank.dk/PKI/PKIFactoryService'
data/readme.md CHANGED
@@ -34,21 +34,26 @@ $ gem install sepafm
34
34
 
35
35
  ## Usage
36
36
 
37
+ ### Require the gem
38
+
39
+ ```ruby
40
+ require 'sepafm'
41
+ ```
42
+
37
43
  ### Communicating with the bank
38
44
 
39
- Define parameters hash for client, ie. get bank statement;
45
+ Define parameters hash for client, ie. get Nordea bank statement;
40
46
 
41
47
  ```ruby
42
48
  params = {
43
49
  bank: :nordea,
44
50
  command: :download_file,
45
- private_key: "...your private key...",
46
- cert: "...your certificate...",
51
+ signing_private_key: "...your signing private key...",
52
+ own_signing_certificate: "...your signing certificate...",
47
53
  customer_id: '11111111',
48
- file_type: 'NDCAMT53L',
49
- file_reference: "11111111A12006030329501800000014",
50
54
  target_id: '11111111A1',
51
- status: 'NEW'
55
+ file_type: 'TITO',
56
+ file_reference: "11111111A12006030329501800000014"
52
57
  }
53
58
  ```
54
59
 
@@ -88,9 +93,8 @@ params = {
88
93
  bank: :nordea,
89
94
  command: :get_certificate,
90
95
  customer_id: '11111111',
91
- environment: 'TEST',
92
- csr: "...your csr...",
93
- service: 'service'
96
+ environment: 'test',
97
+ signing_csr: "...your signing certificate signing request..."
94
98
  }
95
99
  ```
96
100
 
@@ -98,13 +102,24 @@ Initialize a new instance of the client and pass the params hash
98
102
 
99
103
  ```ruby
100
104
  client = Sepa::Client.new params
105
+ ```
106
+
107
+ Send request to bank
108
+
109
+ ```ruby
101
110
  response = client.send_request
102
111
  ```
103
112
 
104
- Get the certificates from the response
113
+ Make sure the response is valid
105
114
 
106
115
  ```ruby
107
- response.content
116
+ response.valid?
117
+ ```
118
+
119
+ Get the certificate from the response
120
+
121
+ ```ruby
122
+ response.own_signing_certificate
108
123
  ```
109
124
 
110
125
  ### Downloading Danske bank certificates
@@ -116,12 +131,10 @@ Define parameters hash for client
116
131
  ```ruby
117
132
  params = {
118
133
  bank: :danske,
119
- target_id: 'Danske FI',
120
- language: 'EN',
134
+ target_id: 'DABAFIHH',
121
135
  command: :get_bank_certificate,
122
- bank_root_cert_serial: '1111110002',
123
136
  customer_id: '360817',
124
- environment: 'TEST'
137
+ environment: 'test'
125
138
  }
126
139
  ```
127
140
 
@@ -129,20 +142,31 @@ Initialize a new instance of the client and pass the params hash
129
142
 
130
143
  ```ruby
131
144
  client = Sepa::Client.new params
145
+ ```
146
+
147
+ Send request to bank
148
+
149
+ ```ruby
132
150
  response = client.send_request
133
151
  ```
134
152
 
153
+ Make sure the response is valid
154
+
155
+ ```ruby
156
+ response.valid?
157
+ ```
158
+
135
159
  Get the certificates from the response
136
160
 
137
161
  ```ruby
138
162
  # Bank's encryption certificate
139
- response.bank_encryption_cert
163
+ response.bank_encryption_certificate
140
164
 
141
165
  # Bank's signing certificate
142
- response.bank_signing_cert
166
+ response.bank_signing_certificate
143
167
 
144
168
  # Bank's root certificate
145
- response.bank_root_cert
169
+ response.bank_root_certificate
146
170
  ```
147
171
 
148
172
  #### Own certificates
@@ -152,12 +176,12 @@ Define parameters hash
152
176
  ``` ruby
153
177
  params = {
154
178
  bank: :danske,
155
- enc_cert: danske_bank_enc_cert,
179
+ bank_encryption_certificate: '...banks encryption certificate...',
156
180
  command: :create_certificate,
157
181
  customer_id: '360817',
158
- environment: 'customertest',
159
- encryption_cert_pkcs10: danske_enc_cert_request,
160
- signing_cert_pkcs10: danske_signing_cert_request,
182
+ environment: 'production',
183
+ encryption_csr: '...encryption certificate signing request...',
184
+ signing_csr: '...signing certificate signing request...',
161
185
  pin: '1234'
162
186
  }
163
187
  ```
@@ -166,17 +190,28 @@ Initialize a new instance of the client and pass the params hash
166
190
 
167
191
  ```ruby
168
192
  client = Sepa::Client.new params
193
+ ```
194
+
195
+ Send request to bank
196
+
197
+ ```ruby
169
198
  response = client.send_request
170
199
  ```
171
200
 
201
+ Make sure the response is valid
202
+
203
+ ```ruby
204
+ response.valid?
205
+ ```
206
+
172
207
  Get the certificates from the response
173
208
 
174
209
  ```ruby
175
210
  # Own encryption certificate
176
- response.own_encryption_cert
211
+ response.own_encryption_certificate
177
212
 
178
213
  # Own signing certificate
179
- response.own_signing_cert
214
+ response.own_signing_certificate
180
215
 
181
216
  # CA Certificate used for signing own certificates
182
217
  response.ca_certificate
@@ -187,9 +222,9 @@ response.ca_certificate
187
222
  ### Parameter breakdown
188
223
 
189
224
  * **bank** - The bank you want to send the request to as a symbol. Either :nordea or :danske
190
- * **private_key** - Your private key in plain text format
191
- * **cert** - Your certificate in plain text format
192
- * **csr** - Your certificate signing request in plain text format
225
+ * **signing_private_key** - Your signing private key in plain text format
226
+ * **signing_certificate** - Your signing certificate in plain text format
227
+ * **encryption/signing_csr** - Your certificate signing request in plain text format
193
228
  * **command** - Must be one of:
194
229
  * download_file_list
195
230
  * upload_file
@@ -197,8 +232,9 @@ response.ca_certificate
197
232
  * get_user_info
198
233
  * get_certificate
199
234
  * get_bank_certificate
235
+ * create_certificate
200
236
  * **customer_id** - Your customer id with the bank.
201
- * **environment** - Must be either PRODUCTION or TEST
237
+ * **environment** - Must be either production or test
202
238
  * **status** - For filtering stuff. Must be either NEW, DOWNLOADED or ALL
203
239
  * **target_id** - Some specification of the folder which to access in the bank (Nordea only)
204
240
  * **language** - Language must be either FI, EN or SV
data/test/sepa/banks/danske/danske_cert_response_test.rb CHANGED
@@ -4,16 +4,27 @@ class DanskeCertResponseTest < ActiveSupport::TestCase
4
4
 
5
5
  setup do
6
6
  options = {
7
- response: (File.open "#{DANSKE_TEST_RESPONSE_PATH}get_bank_cert.xml"),
7
+ response: File.read("#{DANSKE_TEST_RESPONSE_PATH}get_bank_cert.xml"),
8
8
  command: :get_bank_certificate
9
9
  }
10
10
  @get_bank_cert_response = Sepa::DanskeResponse.new options
11
11
 
12
12
  options = {
13
- response: (File.open "#{DANSKE_TEST_RESPONSE_PATH}create_cert.xml"),
13
+ response: File.read("#{DANSKE_TEST_RESPONSE_PATH}create_cert.xml"),
14
14
  command: :create_certificate
15
15
  }
16
16
  @create_certificate_response = Sepa::DanskeResponse.new options
17
+
18
+ options = {
19
+ response: File.read("#{DANSKE_TEST_RESPONSE_PATH}get_bank_certificate_not_ok.xml"),
20
+ command: :get_bank_certificate
21
+ }
22
+ @get_bank_certificate_not_ok_response = Sepa::DanskeResponse.new options
23
+ end
24
+
25
+ test 'correct responses should be valid' do
26
+ assert @get_bank_cert_response.valid?, @get_bank_cert_response.errors.messages
27
+ assert @create_certificate_response.valid?, @create_certificate_response.errors.messages
17
28
  end
18
29
 
19
30
  # Tests for get bank certificate
@@ -54,13 +65,39 @@ class DanskeCertResponseTest < ActiveSupport::TestCase
54
65
  assert ca_certificate.respond_to? :sign
55
66
  end
56
67
 
68
+ # TODO: Get test to pass
57
69
  test 'hashes should match' do
70
+ skip 'for some reason the digest verification does not work with danske certificate responses'
71
+
58
72
  assert @create_certificate_response.hashes_match?
59
73
  end
60
74
 
75
+ # TODO: Get test to pass
61
76
  test 'hashes shouldnt match when data is corrupted' do
62
- @create_certificate_response.doc.at('xmlns|ReturnText', xmlns: DANSKE_PKI).content = 'kana'
63
- refute @create_certificate_response.hashes_match?
77
+ skip 'for some reason the digest verification does not work with danske certificate responses'
78
+
79
+ assert_output /These digests failed to verify: {"#response"=>"2vCYl3h7ksRgk7IyV2axgpXxTWM="}/ do
80
+ @create_certificate_response.doc.at('xmlns|ReturnText', xmlns: DANSKE_PKI).content = 'kana'
81
+ refute @create_certificate_response.hashes_match?({ verbose: true })
82
+ end
83
+ end
84
+
85
+ test 'should not be valid when response code is not 00 in get bank certificate' do
86
+ refute @get_bank_certificate_not_ok_response.valid?
87
+ refute_empty @get_bank_certificate_not_ok_response.errors.messages
88
+ end
89
+
90
+ test 'should be valid when response code is 00 in get bank certificate' do
91
+ assert @get_bank_cert_response.valid?, @get_bank_cert_response.errors.messages
92
+ assert_empty @get_bank_cert_response.errors.messages
93
+ end
94
+
95
+ test 'certificate used to sign the response can be extracted' do
96
+ certificate = @create_certificate_response.certificate
97
+
98
+ assert_nothing_raised do
99
+ x509_certificate certificate
100
+ end
64
101
  end
65
102
 
66
103
  end
data/test/sepa/banks/danske/danske_cert_soap_builder_test.rb CHANGED
@@ -55,7 +55,7 @@ class DanskeCertSoapBuilderTest < ActiveSupport::TestCase
55
55
  def test_certificate_is_added_properly
56
56
  embedded_certificate = @doc.at("X509Certificate", 'xmlns' => @dsig).content.gsub(/\s+/, "")
57
57
 
58
- actual_certificate = @danske_create_certificate_params[:encryption_certificate]
58
+ actual_certificate = @danske_create_certificate_params[:bank_encryption_certificate]
59
59
  actual_certificate = actual_certificate.split('-----BEGIN CERTIFICATE-----')[1]
60
60
  actual_certificate = actual_certificate.split('-----END CERTIFICATE-----')[0]
61
61
  actual_certificate.gsub!(/\s+/, "")
data/test/sepa/banks/danske/danske_generic_soap_builder_test.rb CHANGED
@@ -14,21 +14,10 @@ class DanskeGenericSoapBuilderTest < ActiveSupport::TestCase
14
14
  encryption_certificate_path = "#{keys_path}/own_enc_cert.pem"
15
15
  encryption_certificate = File.read encryption_certificate_path
16
16
 
17
- @danske_generic_params = {
18
- bank: :danske,
19
- signing_private_key: rsa_key(signing_private_key),
20
- command: :upload_file,
21
- customer_id: '360817',
22
- environment: 'TEST',
23
- encryption_certificate: encryption_certificate,
24
- signing_certificate: signing_certificate,
25
- language: 'EN',
26
- status: 'ALL',
27
- target_id: 'Danske FI',
28
- file_type: 'pain.001.001.02',
29
- content: encode('kissa'),
30
- file_reference: "11111111A12006030329501800000014",
31
- }
17
+ @danske_generic_params = danske_generic_params
18
+
19
+ # Convert keys in danske generic params, because this is usually done by the client
20
+ @danske_generic_params[:signing_private_key] = rsa_key(@danske_generic_params[:signing_private_key])
32
21
 
33
22
  @soap_request = Sepa::SoapBuilder.new(@danske_generic_params)
34
23
 
@@ -130,8 +119,8 @@ class DanskeGenericSoapBuilderTest < ActiveSupport::TestCase
130
119
  "//wsse:BinarySecurityToken", 'wsse' => wsse
131
120
  ).content
132
121
 
133
- actual_certificate = OpenSSL::X509::Certificate.new(
134
- @danske_generic_params.fetch(:signing_certificate)
122
+ actual_certificate = x509_certificate(
123
+ @danske_generic_params.fetch(:own_signing_certificate)
135
124
  ).to_s
136
125
 
137
126
  actual_certificate = actual_certificate.split('-----BEGIN CERTIFICATE-----')[1]
data/test/sepa/banks/danske/danske_response_test.rb ADDED
@@ -0,0 +1,97 @@
1
+ require 'test_helper'
2
+
3
+ # Tests Danske Bank specific response stuff
4
+ class DanskeResponseTest < ActiveSupport::TestCase
5
+ setup do
6
+
7
+ # The private key of the certificate used to encrypt
8
+ # the response which can be used to decrypt it
9
+ encryption_private_key = '-----BEGIN RSA PRIVATE KEY-----
10
+ MIIEpAIBAAKCAQEAw3hHNCubtBxxztGaLU85WujGCWyE1RYdixlng/L+XwulaWum
11
+ XFstMCXQkGDIJyRqNXN9w+Dc9v62BbgR1t4GdqDXNSTBKYpxreXHOSC4DyAzUwsJ
12
+ yZDKERCzueVCkgQl3ShcK1TPnQ+FWT+yzyIXQV9ZlY4bc1WaF9HlBJ/2lbBcqSKr
13
+ Mq1AADMHOeS0cQatbaGd2QwzH+o1yVHHn1XuPM3Qm3xLKDMbj1gR7+AqhUlfNwbk
14
+ kkea6pSxaD8Wm3wvfPz6QqG09DrPLVzUr/H3Gh7JO0c9xrwfesjFyRp7Hon3BMZY
15
+ t6COjJqYUSAb12eSqBffs6O2OrPzbyh496Cx6QIDAQABAoIBAG+zbSUwAmNTmemx
16
+ N6TK0CDWQk0iWWoXoDxcAR6THq+bzSPII6JFbDZGdb/7voU3twXigK0N89elyMjN
17
+ 3kvmRtVFppW08jlV5w6T71wDCYuDQDElbqtj9UT5QWtqyrb8bdLK/Ji6d4XuV6qf
18
+ zwO1HIr7/QqM0bz/3vXbuT8CVnxE8mviQaLBLAN8h7qZRq2Z39vpoImaNp9APRh1
19
+ /oSYkKdiELcH0+JkVhxZqi2op7R0MxcsvT4M91Vs+fqO8PADLf72fHKUDb4D+Nkx
20
+ S+YF8Xe3RxpYTHrTgEBl08WXmqhc/Bbk+lKJoLuIkb3bUHW3RNrOSJ8uuJqKRczg
21
+ FHTw+DECgYEA9gQjdr1nxPolDl3+reXo02Ig5Ah2pe7uuTrgmqnMJ/EKJSiLgedM
22
+ ulI+wp7270dXIJC0nOawDtd6hNFpAQvNkCnWmQCsV3lM9w9EPWRsZzBiSUsejYdz
23
+ VGBprpxjf8hL7ASDoOnAW/JBhFoVuyOYeR5rrghY5mPw++lNPXlzuB0CgYEAy2cD
24
+ jj5cw6I7Caj1qdxCGseNvNyk1ZrAIzQaKlnJ20uWqdlLCYGzK8JTgubwnkL/mQcE
25
+ 2axbLCsiU4cn7GeJLUkZKfUMNuEMTDgVgey7yt2VmX++qaZmRJfBnGCKKnfzfafE
26
+ OUfUfIdgimOKpwUdCsy6mbznvPiLQSJptFparz0CgYEAkd3+UQcYofhXRF+DBATP
27
+ uZXzPoGuJ9C1hupcBhgrTntisomJviowmkDtqWOrslAwXsSt8mHtfb9Ri7LGebJP
28
+ 3eyQqwN1LCBl/A73PRdwFvbfL+n0YaIwRZUs1DUx4bAXJAfBLAWs4lePdTQcsmr2
29
+ msnourWEUIZtek/oVkzOyhkCgYB+tWuXnu22yUcx21k+OYHMoOeA8YqVrlNnGrv6
30
+ CfkfbVUr9bsy7uMorWPMtgTK8j27nI2+9AnP2AcINbf/Ivhnh5PveUHkpgk9Kers
31
+ BwdtduAMwXGKyagHrunjephXoGXEr1AjxsVt1f+j9iKXrS3MXoEX6IAMTmChcMic
32
+ m3TGmQKBgQCm8Qkb5KVF7EexYhpoaGVcrTtX+K/M3OsSga3vdvQSZ+OFcpN8BfnP
33
+ 2a3h/ocFwRLzZcsDSpyJplDSZO71/5TSs6g/rQNqH3G9UL3//x7yr2I8e7taE+Qk
34
+ l+Ul4l4+FfAysq3a7b3xoQ59kN1CrEWqDo2KqndxGv6wQft3n/dxnQ==
35
+ -----END RSA PRIVATE KEY-----'
36
+
37
+ options = {
38
+ response: File.read("#{DANSKE_TEST_RESPONSE_PATH}/download_file_list.xml"),
39
+ command: :download_file_list,
40
+ encryption_private_key: rsa_key(encryption_private_key)
41
+ }
42
+ @download_file_list_response = Sepa::DanskeResponse.new options
43
+ end
44
+
45
+ test 'application response can be extracted' do
46
+ application_response = @download_file_list_response.application_response
47
+ assert_equal '061133', xml_doc(application_response).at('CustomerId').content
48
+ end
49
+
50
+ test 'certificate used to sign the response can be extracted from the response' do
51
+ certificate = @download_file_list_response.certificate
52
+
53
+ assert_nothing_raised do
54
+ x509_certificate certificate
55
+ end
56
+ end
57
+
58
+ test 'proper error message is returned if wrong encryption private key is given' do
59
+ wrong_encryption_private_key = '-----BEGIN RSA PRIVATE KEY-----
60
+ MIIEogIBAAKCAQEAuzOFRV7RWJXwga+2tyj+2vJvfr2CNBypJGuSlIvuHhnEF1Lx
61
+ mIIx+G/jUMI6mPBmW4Y8jKEPLBCWNeuSpGC8CUzahLEzmUj3RbYh43Jx1V6R632h
62
+ 8CpgS8pxkyzgvaCvyv2kkX+n87sMUzhoNQFoc8pTTcpGVrnNIF7TtBSO7oWY+OJZ
63
+ A8HEZH2t++d0ZN02B7MtfeFsW5M83IjTUAJy6+P0mNmW4X4Xpbdx+PzkyuuVvPlP
64
+ NxBX2iPpvSY3SZy2fTgcasDaQMoMtCBL4nNL5A39JNOUeDt3PCa0pUXqA9HmzElb
65
+ Ps0Q7XgMitPZTk1BkSgAGzGqId6FwXSpeOYAQQIDAQABAoIBAEa5mEg1InKNc2gL
66
+ ssRQQLkHjwgbIO3/Rgf0fFSS6UuGAIevVod/6NErtH32Y50UdhduB8I5tzm2qomE
67
+ jsp7oY8B8izfpdbrskAsJ3F+83LhX8/QjzXlTKxVt8Ma2W3LH59ZZKtzx0hWCroG
68
+ PZiJB6V3czGYkiqB1/W63dDTU4zZVd02SCwlhGUEuncAnfpty+JpROpzRAcgquTF
69
+ VEIoK2tDieas4uAgpmE5cjKxuyOSY26HV5GlUDkmb+cUiE3J/3gjHUlvAV48qMY4
70
+ EePA+0n3JA/dhVOF5SUbp/txEMhHI8G1loCDC47xNkyQ48mUdjokgajpM0ODmKxj
71
+ JnFkcGECgYEA96ZDmyxUE+dfcl7vM8wcZSp3akuYOXWpxA3JPTX1LeY5/jVUnAF6
72
+ iA/Dzf1iR4dzsrtSiRc8Qeh0fJs8ObhX5H4loWemptT9KSj84a2zeMuxC6LyMXFx
73
+ 8qhA166V/kRMdpR3WgCrO3+kJLFhu/jnqT27wWDHSmR5Nithk14ovCMCgYEAwYN2
74
+ EsOEraZ2qNcAzZe4ujLKCaFeeNl00v4O+y8D8q+m7mzg8SVKtdzsFAR/F8p7s689
75
+ VUrKDti4Lt/cwzrkPRbIzxXVhOxGkkneQ8mFr77sji2UFAYXl9GtURp91dCk0/Zh
76
+ LkJAeoF24YDeDYJ5M0ODcsgy/sAN6+p8b05StksCgYBf2jSUnOW2BnnE9MW00K20
77
+ 4mjx9Wxn4QjiX0uiq33IVDHiGJY1A8V/YEqzMf2WHfFEHojlkt65y9U6XYND+/vY
78
+ 7pJ2FH5GWG3cPocSen7apExUaq8/P9+QwlrGoEZh8eF+jBxd86BTGSZZJWbksIRJ
79
+ 1yESyfiY7KaVtti/h1RQ7QKBgHXon/z23NTh5NMjjf23QHtTjv8nL+T6utAEtSQf
80
+ lYw9srz74mOMkWUWY1IfG0Fnws/NKtXZaBx7uF33URAzxfXi+CAV8a+4N5fTInaz
81
+ R525+3D2HI/G1oFO5QfR2HJ7WrM8ICKLg7YhREpKtwIMScUOkf1SNqA6bUEd8wvu
82
+ 8T7ZAoGAOPLMNVJv07zJsaiktjYODcVOenINp+LoUJphblWCliXWvaHpDdpAiqKq
83
+ aimQ9Emu6u+JHCvRdHGGnAUEQKRCjUL+oAQhJfWimlhSfqbS0uQAo9XakIZGRyhO
84
+ ufGDBuk6Qe7BSx+/iYvjK1o/IP42RSwj7Ar/IaQuzzfxsflqrGA=
85
+ -----END RSA PRIVATE KEY-----'
86
+
87
+ options = {
88
+ response: File.read("#{DANSKE_TEST_RESPONSE_PATH}/download_file_list.xml"),
89
+ command: :download_file_list,
90
+ encryption_private_key: rsa_key(wrong_encryption_private_key)
91
+ }
92
+ response = Sepa::DanskeResponse.new options
93
+
94
+ refute response.valid?
95
+ refute_empty response.errors.messages
96
+ end
97
+ end
data/test/sepa/banks/danske/keys/bank_encryption_cert.pem CHANGED
@@ -1,24 +1,24 @@
1
1
  -----BEGIN CERTIFICATE-----
2
- MIIEATCCAumgAwIBAgIFAQjv8bMwDQYJKoZIhvcNAQELBQAwgZgxEDAOBgNVBAMT
2
+ MIIEATCCAumgAwIBAgIFAQjv8bQwDQYJKoZIhvcNAQELBQAwgZgxEDAOBgNVBAMT
3
3
  B0RCR1JPT1QxCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYD
4
4
  VQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UE
5
5
  CxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MTExMDAwMjAe
6
- Fw0xMjA4MDEwMDAwMDBaFw0xNDEwMzEwMDAwMDBaMIGYMRAwDgYDVQQDEwdEUENS
6
+ Fw0xNDA3MDcwMDAwMDBaFw0xNjA2MjYwMDAwMDBaMIGYMRAwDgYDVQQDEwdEUENS
7
7
  WVBUMQswCQYDVQQGEwJESzETMBEGA1UEBxMKQ29wZW5oYWdlbjEQMA4GA1UECBMH
8
8
  RGVubWFyazEaMBgGA1UEChMRRGFuc2tlIEJhbmsgR3JvdXAxGjAYBgNVBAsTEURh
9
- bnNrZSBCYW5rIEdyb3VwMRgwFgYDVQQFEw82MTEyNjIyODQ5MTAwMDMwggEgMA0G
10
- CSqGSIb3DQEBAQUAA4IBDQAwggEIAoIBAQC/kHrOvHOueBsit9drxIHpaD7mXINy
11
- pXS/l9PbbOZ0lZKVEfW9gtG8xk9XggsPXHJMF/PXpG6mveXvPu9WW/XpryAUqGfv
12
- YsC7Px3ixaJb2EMOL+2mJYd0v5HKg5RuYkQ82k3K01hMNEGYs0OotjNVAimQcTLt
13
- VPDGBjK5BUAiwady9LpI6afo7roJWnRmsvSvinDgBqswnfCvUfSfM8cZyhnLLC2u
14
- j1kBHAD/5xpllmS3aq1M8LqFkBYcCE5PdPmFWhGUumZ/Y5qLjDgcPMAPvUaKLqOs
15
- h22jvPCZ0pm17eV0bSQzWe5e0zkgCYAepuFRazSlkJQYBdS47Mp68dY5AgEDo1Iw
16
- UDAfBgNVHSMEGDAWgBSE+uW/3pFJZt/FilLDs7ezIBzHbTAdBgNVHQ4EFgQUP6wH
17
- VNOmznu212c08M3oeYjeXW4wDgYDVR0PAQH/BAQDAgQwMA0GCSqGSIb3DQEBCwUA
18
- A4IBAQAvJBfPug+ixGL/zWUnKMweV80atZXMjHJEn4mOE+iUkCNONLImMMt6MXJy
19
- snJViL1gL5xMrka6A62PLLsVkl79kxDDbzXMPfGt5/mB9L7CMpyzaID0acDii3rs
20
- ZwT3Wxpnate6wowN4zpmXgpCpTDGbxjuVRiOArsjQblerhfxnD/UAieZ1IWozIAN
21
- s6SVms/TuOB+bODUr06ITxBkDJhizOJxjsXRIAtwZvvrH4qGjJz5qFcPb3nz4Txw
22
- swU8X6yvbtqF+q4aAKPA6ZydnGZFQSoSzNJtcF28T1ItxEHN3+xyQqXpTgFviiuL
23
- 277LaAl9YUFFnSgeh7GiFitWJPfD
9
+ bnNrZSBCYW5rIEdyb3VwMRgwFgYDVQQFEw82MTEyNjIyODQ5MTAwMDQwggEgMA0G
10
+ CSqGSIb3DQEBAQUAA4IBDQAwggEIAoIBAQCtjaKTui8Ll8LJ4nke+lJs3GNNx6Ie
11
+ ehabOumWUBdw6MICC8AIV4Pj+KWP1/TZh6CcLY3FOmeCvwPuEblA4A2eb1jS4M3U
12
+ 5pc7PFMGL0ox5SY/SOqyzm/Fo6VX2TxC9FXNSv/GGvGzbakeyGW0/ca48u12cySt
13
+ n4Houd7TqudbIqqkbr02bxt0nw0PpxHBOTouPAARQdvdPD+aPRJ1X6TKkuMrW2Ig
14
+ 1YhW04hdfcH5duirnxtK0m4Qebxk2HiLIN66MdPgs+0JHIoGgB6stJEixeDpiM15
15
+ HQDpSPVRwZVUcnvqP/aEW06j9f6j84zB05NuKM2JFg/1wbMyPBgdhRNvAgEDo1Iw
16
+ UDAfBgNVHSMEGDAWgBSE+uW/3pFJZt/FilLDs7ezIBzHbTAdBgNVHQ4EFgQUfOep
17
+ p/dW66vQ0heuTt2ETjlMRAMwDgYDVR0PAQH/BAQDAgQwMA0GCSqGSIb3DQEBCwUA
18
+ A4IBAQAl88QDgTpmKI7h8R9IelwwXDnzPFrxE4p1CpqiFDtCIRogO2TdRUUyRamp
19
+ eFNfngD1cnx/gXX4qjGnPf9THDt1STcGJVkqA2/uqptuhgy+3BLqnRNXw5aahyjn
20
+ 0/4HyMDkTnBhV+HmoQlk4aUdhT6Gpg79OC61M16uJXOP3wFS4RIiU5JO3SpemJVp
21
+ QH0GNuzJOfx6sgA1S5vBiyIgj0B86cdQ9hr/5KFXFCMsKw9RGNX5tikXvQMUgirO
22
+ Hsac7rKL/m4djdfoRYM1CcutVoZvVpEd9zZiMQKF5bXXIxzdFSW3JT+IUZ3oRQmu
23
+ NJPc5/h3epYtELy58mWOZWWVZ49+
24
24
  -----END CERTIFICATE-----
data/test/sepa/banks/danske/keys/bank_signing_cert.pem CHANGED
@@ -1,24 +1,24 @@
1
1
  -----BEGIN CERTIFICATE-----
2
- MIIEADCCAuigAwIBAgIFAMa3bfMwDQYJKoZIhvcNAQELBQAwgZgxEDAOBgNVBAMT
2
+ MIIEADCCAuigAwIBAgIFAMa3bfQwDQYJKoZIhvcNAQELBQAwgZgxEDAOBgNVBAMT
3
3
  B0RCR1JPT1QxCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYD
4
4
  VQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UE
5
5
  CxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MTExMDAwMjAe
6
- Fw0xMjA4MDEwMDAwMDBaFw0xNDEwMzEwMDAwMDBaMIGXMQ8wDQYDVQQDEwZEUFNJ
6
+ Fw0xNDA3MDcwMDAwMDBaFw0xNjA2MjYwMDAwMDBaMIGXMQ8wDQYDVQQDEwZEUFNJ
7
7
  R04xCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdE
8
8
  ZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFu
9
- c2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MzkxMDAwMzCCASAwDQYJ
10
- KoZIhvcNAQEBBQADggENADCCAQgCggEBAL1zYMqPk/6klEpL5wo+vWAo3MmxPz4w
11
- q9wuLAHpPUhJ4ZpHmncNsdmqSSXT6U4mxTY8tzKvz4ZdTDljp+5J6OxOl1B7av3V
12
- 7hlHtfGb7wozsBAya2JOoPrLxc+ajapslbduiEvdhW9ZLKvn/n7rQ9sZzHA6GyGK
13
- Qk8lfvKK+OjMylA86XyxApasFD/0eIDnzUJHth3UpPoQTJAlB7h7d4CKc/QG9tFv
14
- 900AAi4R/Tmy9TRai7fVCkXz7y4qRXN+M7NIhDGAsCmtM6oSuDqjv3lh10nD7XEL
15
- TxTvcbpq5xHLt9yknwjiM2ivc4XudDMgC7ESoH6vaJSUcbC17+wa6IUCAQOjUjBQ
16
- MB8GA1UdIwQYMBaAFIT65b/ekUlm38WKUsOzt7MgHMdtMB0GA1UdDgQWBBQHbPge
17
- y2TInIKC7xbag8AZG25qnTAOBgNVHQ8BAf8EBAMCBsAwDQYJKoZIhvcNAQELBQAD
18
- ggEBAFl3WfGkVElIeUXjQsr8uQFXhkSbrI14F6mRIkUpCTa9Px/UUfw1HQNVn4Ty
19
- ep30JmfsFN91Yj387jiZDzoeMYeiVI32wyZkao7rC3Z4YhAfUdPdVFZqO1k2gOgo
20
- Z49nyLKVS+GlyuzeLQVBnFE7f3sbpgDTRzd8o58W5VncHuzmSj/IVe8ZwRQ4bm3c
21
- HlKTQpRnyz5x7UJjp08fH6KOUal8DVsOaQKoo+jWIsPPir58b/QZsxIRL4uq3qqQ
22
- t5udrbZqyltRsyxUpgomIN5irCn7Wgr+iYwNLhzXYwxKvwKsNRS7isEAZuyfH9fN
23
- arBRP4p72g+225NB0itQ73Xo7pg=
9
+ c2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MzkxMDAwNDCCASAwDQYJ
10
+ KoZIhvcNAQEBBQADggENADCCAQgCggEBAMTopJ9GZXRkKm4Rq9M92EawXIfSI7VL
11
+ 0sykOzLfBzrgYMpqJ7rFxJe7nzECw22TeQ/3m4Gjnhe8XVaKSUDbfYfWzWD44iiZ
12
+ fecMaDZYIyR3g7GMwQowfwTqHhSEjFgfzH3QuGH2KGmqycvyuNGsbWjzvDAov8Yf
13
+ 7F88A4aOkseISO3Vmt2ElKm+gs09z7pwak6OxegDu5ZySS39kpTvq1DK3w2vXkEQ
14
+ GJUYOnDG/723v/hK3GjxclViu1OGSga7UJApjm3ky4s9EWoumf/vLBAnqRp6biOK
15
+ nkGmOJEJlT00VWjaRoDarKOjgC7b/05Xp0ynDSOwqvTI92BdAQwfgEsCAQOjUjBQ
16
+ MB8GA1UdIwQYMBaAFIT65b/ekUlm38WKUsOzt7MgHMdtMB0GA1UdDgQWBBSh3exl
17
+ GZ8eC4EiAVvbxenmc9faUzAOBgNVHQ8BAf8EBAMCBsAwDQYJKoZIhvcNAQELBQAD
18
+ ggEBACjZJx8+UEcAYXJzstd+6E2wBNmmSvUTiuG7+Vws4+l4eqLLrHkhi66FOEwP
19
+ dnf5/t8k7h5ry61aEf+HdUcQuYRrf7hJPkFjxaMcMGss4uURjVt/R/GhWMgu6cYg
20
+ UIq0NHIMqdYH4dM/19qv7E+je2D3BuJOE3ucqe4Ywd+W2WP8HGlA3PkpMV78SPA9
21
+ N/Usg3VX2KVbdS3idTpSMpxQftjWXmJtef0KawvYmYOw7i+eazHmv5mgxhgCvJSC
22
+ PHN6oGS7v5AVVz9RCjSWEKIXZE0wRSLuTFYzt7/7CgRsdTVwpkFzn+ZJUAjYBPhZ
23
+ Q3Xn3p03DyCFsvtLxwE17UpUFUU=
24
24
  -----END CERTIFICATE-----
data/test/sepa/banks/danske/responses/create_cert.xml CHANGED
@@ -1,15 +1,15 @@
1
1
  <?xml version="1.0" encoding="UTF-8"?>
2
- <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:pkif="http://danskebank.dk/PKI/PKIFactoryService" xmlns:elem="http://danskebank.dk/PKI/PKIFactoryService/elements" xmlns:xd="http://www.w3.org/2000/09/xmldsig#"><soapenv:Header/><soapenv:Body><CreateCertificateOut xmlns="http://danskebank.dk/PKI/PKIFactoryService"><pkif:ResponseHeader xmlns=""><pkif:SenderId>360817</pkif:SenderId><pkif:CustomerId>360817</pkif:CustomerId><pkif:RequestId>b0410899f4</pkif:RequestId><pkif:Timestamp>2014-06-25T11:45:47Z</pkif:Timestamp><pkif:InterfaceVersion>1</pkif:InterfaceVersion><pkif:Environment>customertest</pkif:Environment></pkif:ResponseHeader><tns:CreateCertificateResponse xml:id="response" xmlns:tns="http://danskebank.dk/PKI/PKIFactoryService/elements" xmlns=""><tns:ReturnCode>00</tns:ReturnCode><tns:ReturnText>OK</tns:ReturnText><tns:EncryptionCert>MIIDnzCCAoegAwIBAgIHHoy+tGx4NjANBgkqhkiG9w0BAQsFADCBwjEQMA4GA1UEAxMHREJHQ0FEQjELMAkGA1UEBhMCREsxEzARBgNVBAcTCkNvcGVuaGFnZW4xEDAOBgNVBAgTB0Rlbm1hcmsxGjAYBgNVBAoTEURhbnNrZSBCYW5rIEdyb3VwMRgwFgYDVQQLEw9EYW5za2UgQmFuayBBL1MxGDAWBgNVBAUTDzYxMTI2MjI4MjIzMDEwMTEJMAcGA1UEBBMAMQkwBwYDVQQqEwAxCTAHBgNVBAwTADEJMAcGA1UEERMAMB4XDTEwMDUyODExMTgzOVoXDTEyMDUyNzExMTgzOVowgaYxIDAeBgNVBAMTF0JFTkdUU1NPTiBPRyBGUi4gSkVOU0VOMQswCQYDVQQGEwJESzEcMBoGA1UEChMTREJUUyBERU1PIDEuICgzNEFLKTEeMBwGA1UECxMVQ09SUE9SQVRFIERFVkVMT1BNRU5UMTcwNQYDVQQFEy5TRS1LRVJIVi9EQUJBOjAwOTIxMDA4NDEtQUdSOjA2MTA0OC1VU1I6MDYxMTMzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvWdhjVCuWXWu4H8WqUJGuvme+6l0g37fAXur3Xm28RChzvhue7pvwhtsZEyHN3Oa9DhLMV9UQC4wy5Md7Js+rm2HtgOtM2LMorE4GeoTYpi5f1fbYDUqHj2ygkkWDqQ9v0xSCJkGIyW+1vsrcId+DDlZqBacuXwtv5xy8plmX7wIDAQABozgwNjAJBgNVHQ4EAgQAMBkGA1UdIwQSMBCADsLGxMP29vnBwsTCxsTDMA4GA1UdDwEB/wQEAwIEMDANBgkqhkiG9w0BAQsFAAOCAQEAkITeNDN6Mxkb8AXF9SjZ1xfWD+yZcyb5wqQmpvwlM1gfovvV5mW/r2Wgn8uyhwwZd8dDJClNRslQeQrV8FbmCF8uh0dr1z2pt/t3u6lZ5YH1MWmLKGpJ8gGnWkRwEtkeZCuaD+Nji6YCGqCPytmKae+CFvz46XrvQ+VxfoqD8IlSoT2Himw6kfbE7H5oyJtuBSjozz+zz9GE09HQzCn3j1AX1jF0U0qFOXOR185NnDHtQPBytUOOBHBNog1+bVfby7E1nmXum38pMVnv5ReSvnhKhmusmxkHaKCGwgYCoKMvsXntHStAvmH/t4tGdNyLvmC/88GYfoBXtNrsuZV3Ew==</tns:EncryptionCert><tns:SigningCert>MIIDnzCCAoegAwIBAgIHHoy+tGx4NTANBgkqhkiG9w0BAQsFADCBwjEQMA4GA1UEAxMHREJHQ0FEQjELMAkGA1UEBhMCREsxEzARBgNVBAcTCkNvcGVuaGFnZW4xEDAOBgNVBAgTB0Rlbm1hcmsxGjAYBgNVBAoTEURhbnNrZSBCYW5rIEdyb3VwMRgwFgYDVQQLEw9EYW5za2UgQmFuayBBL1MxGDAWBgNVBAUTDzYxMTI2MjI4MjIzMDEwMTEJMAcGA1UEBBMAMQkwBwYDVQQqEwAxCTAHBgNVBAwTADEJMAcGA1UEERMAMB4XDTEwMDUyODExMTgzOVoXDTEyMDUyNzExMTgzOVowgaYxIDAeBgNVBAMTF0JFTkdUU1NPTiBPRyBGUi4gSkVOU0VOMQswCQYDVQQGEwJESzEcMBoGA1UEChMTREJUUyBERU1PIDEuICgzNEFLKTEeMBwGA1UECxMVQ09SUE9SQVRFIERFVkVMT1BNRU5UMTcwNQYDVQQFEy5TRS1LRVJIVi9EQUJBOjAwOTIxMDA4NDEtQUdSOjA2MTA0OC1VU1I6MDYxMTMzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfh+ajEvsFS1kByPsjReO+EmyFglGDiCBh7voya2aSbvGMQm/aAYugTliAhoklq4adwUwqjf86gon3ZdUMDBmDpJiPlxeexBHesOjr32hxzO8u67tS5o1xfDex3ga192g+94pAJsqmn3Fc8LJ0Wn2zJPtYCTYvbrx6551QLiD3fwIDAQABozgwNjAJBgNVHQ4EAgQAMBkGA1UdIwQSMBCADsLGxMP29vnBwsTCxsTDMA4GA1UdDwEB/wQEAwIGwDANBgkqhkiG9w0BAQsFAAOCAQEASgxJaAoWP08MKVnuvNxG7EkmogFUfKCX7fWrHYxDzEs5uhnRQ6IR4GitTHEM/BE5KNGu6MuHuKMhp4HuMBg5YzaFtk5yFk+K6BjLEEFwz/NBFLyrtPmrezxjmxMYx4PRTqeyEthOIkZ1KFQvzxB1Vg2Kt5fqdvxKVODAFstJB2nE3uICnrOQmHlo/R/1rp0J/VQnOsWdgKmIFhFlFdFpWhI7m1ry7cuilHPdCHq+M83jGfTYVXulwbxDYv0LPHZGzCxoAnxZQM4r2HqwXTCZiRT/eP+fEv7A571aHb9GhJhQQQ0lStd1vhOJu1LlO3fe68SSKSye5CozKwvvlEwbag==</tns:SigningCert><tns:CACert>MIIEFzCCAv+gAwIBAgIFAc+WvjUwDQYJKoZIhvcNAQELBQAwgZgxEDAOBgNVBAMTB0RCR1JPT1QxCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MTEzMDAwMzAeFw0xMDEwMTEwMDAwMDBaFw0yMDEwMTEwMDAwMDBaMIGaMRAwDgYDVQQDEwdEQkdTV0RLMQswCQYDVQQGEwJESzETMBEGA1UEBxMKQ29wZW5oYWdlbjEQMA4GA1UECBMHRGVubWFyazEaMBgGA1UEChMRRGFuc2tlIEJhbmsgR3JvdXAxHDAaBgNVBAsTE0RhbnNrZSBCYW5rIERlbm1hcmsxGDAWBgNVBAUTDzYxMTI2MjI4NzczMDEwMTCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAOC0DrY9Q4HzHQ/BWr/RWB1GOq+90BiGN85uhWAeGGMI2od/ahn/R7zl8+MNcMLAuVHB8LvzRrC3lxZqjNvRKv8fYsMgwdmdYtBwiqHINpXTLjQxtLEWqEu5fiMZAi1oFE08YAkCDLUGopbkY+d2KULqxFK2blwHi3m0jOwuZGiw4ELeChGcELsOpCT/oJU5mR3dFHbRs3HBgWmuFwJKvwHNZeNAmrCwEUWqw1x4MjQRHRGl10TfTNqPrd7zyTfyR0+GPy1INxHwWZroBUc9j54ONX9pV6x835WedHdo80UxImjCiIruClzsMAXYtvsC3d9xgk9oLNFIVPRe2fTs07ECAQOjZjBkMB8GA1UdIwQYMBaAFLU6ie9kUC8x5CDLauuTRJBL35qYMB0GA1UdDgQWBBQO5nD7QkqlQCrxigdJncTYo20tIzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkqhkiG9w0BAQsFAAOCAQEAQPCp0H3g88CZZurq0kS76ozBVRiLZ3V8S0+IYi0dmMCfTpW/qnEzMGn+NlHOvgkm5C2VaHCdbEzZPsvv4cx2YrqpsFf8x+Ts6W2r3VVjOdve5u0Oj1CK/ONwaqUl5p4SxRCfnv6sSh6TwxhJF/zESiHXLdyWdJf+NkXsATE6QB4ZjgaGw1NcvhnDUvbbfUZ1zOTIf7+wUpfCNCJi0T1sFvJ88nYkVoQmVWQFS7Kwj+kwQ1ILfnp/1xbycrt1XNxZ8SkRDAWOJARY0fS/C0o7/1t/SB2ePrY/g0U8ZWi0B6odT5isGNpLOKzhD5YGjbKGesC9GEnhmhLoawXU7b4Wcw==</tns:CACert><tns:RequestId/><Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
3
- <SignedInfo>
4
- <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
5
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
6
- <Reference URI="#response">
7
- <Transforms>
8
- <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
9
- <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
10
- </Transforms>
11
- <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
12
- <DigestValue>2vCYl3h7ksRgk7IyV2axgpXxTWM=</DigestValue>
13
- </Reference>
14
- </SignedInfo>
15
- <SignatureValue>CqPQW88gjJayDovXbk++IXJ5yjAJNf5+BL6wodkwIErqLdK3DYeAn9T6MQRNciB7POZkKqtnFj4CG1mbpGRCP5yduaBYP96uUoRSZiGuFHqb5HvMIgMvDCsnRJX11tUaMhrZkktYb0Xx2ulPrbLm/n9kW9L0oZftEijm7ixYSIsNEdJMHxWqCDGQCzLwD5zz512nNHEm3Ddimvh3mOqZ6deGtfODl4KuK247NNuak6Pjz9sE5hJnwDi4E1jtme735HEcxkrtYlqTIOjPXS/xRKkHEW6R59R3DR3FpYAo3H+SR/2WptoQhaBvVtlzle9Z8BG2JFRnbudAo3CkA245Vg==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIEADCCAuigAwIBAgIFAMa3bfMwDQYJKoZIhvcNAQELBQAwgZgxEDAOBgNVBAMTB0RCR1JPT1QxCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MTExMDAwMjAeFw0xMjA4MDEwMDAwMDBaFw0xNDEwMzEwMDAwMDBaMIGXMQ8wDQYDVQQDEwZEUFNJR04xCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MzkxMDAwMzCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAL1zYMqPk/6klEpL5wo+vWAo3MmxPz4wq9wuLAHpPUhJ4ZpHmncNsdmqSSXT6U4mxTY8tzKvz4ZdTDljp+5J6OxOl1B7av3V7hlHtfGb7wozsBAya2JOoPrLxc+ajapslbduiEvdhW9ZLKvn/n7rQ9sZzHA6GyGKQk8lfvKK+OjMylA86XyxApasFD/0eIDnzUJHth3UpPoQTJAlB7h7d4CKc/QG9tFv900AAi4R/Tmy9TRai7fVCkXz7y4qRXN+M7NIhDGAsCmtM6oSuDqjv3lh10nD7XELTxTvcbpq5xHLt9yknwjiM2ivc4XudDMgC7ESoH6vaJSUcbC17+wa6IUCAQOjUjBQMB8GA1UdIwQYMBaAFIT65b/ekUlm38WKUsOzt7MgHMdtMB0GA1UdDgQWBBQHbPgey2TInIKC7xbag8AZG25qnTAOBgNVHQ8BAf8EBAMCBsAwDQYJKoZIhvcNAQELBQADggEBAFl3WfGkVElIeUXjQsr8uQFXhkSbrI14F6mRIkUpCTa9Px/UUfw1HQNVn4Tyep30JmfsFN91Yj387jiZDzoeMYeiVI32wyZkao7rC3Z4YhAfUdPdVFZqO1k2gOgoZ49nyLKVS+GlyuzeLQVBnFE7f3sbpgDTRzd8o58W5VncHuzmSj/IVe8ZwRQ4bm3cHlKTQpRnyz5x7UJjp08fH6KOUal8DVsOaQKoo+jWIsPPir58b/QZsxIRL4uq3qqQt5udrbZqyltRsyxUpgomIN5irCn7Wgr+iYwNLhzXYwxKvwKsNRS7isEAZuyfH9fNarBRP4p72g+225NB0itQ73Xo7pg=</X509Certificate><X509IssuerSerial><X509IssuerName>serialNumber=611262281110002, OU=Danske Bank Group, O=Danske Bank Group, ST=Denmark, L=Copenhagen, C=DK, CN=DBGROOT</X509IssuerName><X509SerialNumber>3333910003</X509SerialNumber></X509IssuerSerial></X509Data></KeyInfo></Signature></tns:CreateCertificateResponse></CreateCertificateOut></soapenv:Body></soapenv:Envelope>
2
+ <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:pkif="http://danskebank.dk/PKI/PKIFactoryService" xmlns:elem="http://danskebank.dk/PKI/PKIFactoryService/elements" xmlns:xd="http://www.w3.org/2000/09/xmldsig#"><soapenv:Header/><soapenv:Body><CreateCertificateOut xmlns="http://danskebank.dk/PKI/PKIFactoryService"><pkif:ResponseHeader xmlns=""><pkif:SenderId>360817</pkif:SenderId><pkif:CustomerId>360817</pkif:CustomerId><pkif:RequestId>fad29587b6</pkif:RequestId><pkif:Timestamp>2014-08-06T11:00:03Z</pkif:Timestamp><pkif:InterfaceVersion>1</pkif:InterfaceVersion><pkif:Environment>customertest</pkif:Environment></pkif:ResponseHeader><tns:CreateCertificateResponse xml:id="response" xmlns:tns="http://danskebank.dk/PKI/PKIFactoryService/elements" xmlns=""><tns:ReturnCode>00</tns:ReturnCode><tns:ReturnText>OK</tns:ReturnText><tns:EncryptionCert>MIIDnzCCAoegAwIBAgIHHoy+tGx4NjANBgkqhkiG9w0BAQsFADCBwjEQMA4GA1UEAxMHREJHQ0FEQjELMAkGA1UEBhMCREsxEzARBgNVBAcTCkNvcGVuaGFnZW4xEDAOBgNVBAgTB0Rlbm1hcmsxGjAYBgNVBAoTEURhbnNrZSBCYW5rIEdyb3VwMRgwFgYDVQQLEw9EYW5za2UgQmFuayBBL1MxGDAWBgNVBAUTDzYxMTI2MjI4MjIzMDEwMTEJMAcGA1UEBBMAMQkwBwYDVQQqEwAxCTAHBgNVBAwTADEJMAcGA1UEERMAMB4XDTEwMDUyODExMTgzOVoXDTEyMDUyNzExMTgzOVowgaYxIDAeBgNVBAMTF0JFTkdUU1NPTiBPRyBGUi4gSkVOU0VOMQswCQYDVQQGEwJESzEcMBoGA1UEChMTREJUUyBERU1PIDEuICgzNEFLKTEeMBwGA1UECxMVQ09SUE9SQVRFIERFVkVMT1BNRU5UMTcwNQYDVQQFEy5TRS1LRVJIVi9EQUJBOjAwOTIxMDA4NDEtQUdSOjA2MTA0OC1VU1I6MDYxMTMzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvWdhjVCuWXWu4H8WqUJGuvme+6l0g37fAXur3Xm28RChzvhue7pvwhtsZEyHN3Oa9DhLMV9UQC4wy5Md7Js+rm2HtgOtM2LMorE4GeoTYpi5f1fbYDUqHj2ygkkWDqQ9v0xSCJkGIyW+1vsrcId+DDlZqBacuXwtv5xy8plmX7wIDAQABozgwNjAJBgNVHQ4EAgQAMBkGA1UdIwQSMBCADsLGxMP29vnBwsTCxsTDMA4GA1UdDwEB/wQEAwIEMDANBgkqhkiG9w0BAQsFAAOCAQEAkITeNDN6Mxkb8AXF9SjZ1xfWD+yZcyb5wqQmpvwlM1gfovvV5mW/r2Wgn8uyhwwZd8dDJClNRslQeQrV8FbmCF8uh0dr1z2pt/t3u6lZ5YH1MWmLKGpJ8gGnWkRwEtkeZCuaD+Nji6YCGqCPytmKae+CFvz46XrvQ+VxfoqD8IlSoT2Himw6kfbE7H5oyJtuBSjozz+zz9GE09HQzCn3j1AX1jF0U0qFOXOR185NnDHtQPBytUOOBHBNog1+bVfby7E1nmXum38pMVnv5ReSvnhKhmusmxkHaKCGwgYCoKMvsXntHStAvmH/t4tGdNyLvmC/88GYfoBXtNrsuZV3Ew==</tns:EncryptionCert><tns:SigningCert>MIIDnzCCAoegAwIBAgIHHoy+tGx4NTANBgkqhkiG9w0BAQsFADCBwjEQMA4GA1UEAxMHREJHQ0FEQjELMAkGA1UEBhMCREsxEzARBgNVBAcTCkNvcGVuaGFnZW4xEDAOBgNVBAgTB0Rlbm1hcmsxGjAYBgNVBAoTEURhbnNrZSBCYW5rIEdyb3VwMRgwFgYDVQQLEw9EYW5za2UgQmFuayBBL1MxGDAWBgNVBAUTDzYxMTI2MjI4MjIzMDEwMTEJMAcGA1UEBBMAMQkwBwYDVQQqEwAxCTAHBgNVBAwTADEJMAcGA1UEERMAMB4XDTEwMDUyODExMTgzOVoXDTEyMDUyNzExMTgzOVowgaYxIDAeBgNVBAMTF0JFTkdUU1NPTiBPRyBGUi4gSkVOU0VOMQswCQYDVQQGEwJESzEcMBoGA1UEChMTREJUUyBERU1PIDEuICgzNEFLKTEeMBwGA1UECxMVQ09SUE9SQVRFIERFVkVMT1BNRU5UMTcwNQYDVQQFEy5TRS1LRVJIVi9EQUJBOjAwOTIxMDA4NDEtQUdSOjA2MTA0OC1VU1I6MDYxMTMzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfh+ajEvsFS1kByPsjReO+EmyFglGDiCBh7voya2aSbvGMQm/aAYugTliAhoklq4adwUwqjf86gon3ZdUMDBmDpJiPlxeexBHesOjr32hxzO8u67tS5o1xfDex3ga192g+94pAJsqmn3Fc8LJ0Wn2zJPtYCTYvbrx6551QLiD3fwIDAQABozgwNjAJBgNVHQ4EAgQAMBkGA1UdIwQSMBCADsLGxMP29vnBwsTCxsTDMA4GA1UdDwEB/wQEAwIGwDANBgkqhkiG9w0BAQsFAAOCAQEASgxJaAoWP08MKVnuvNxG7EkmogFUfKCX7fWrHYxDzEs5uhnRQ6IR4GitTHEM/BE5KNGu6MuHuKMhp4HuMBg5YzaFtk5yFk+K6BjLEEFwz/NBFLyrtPmrezxjmxMYx4PRTqeyEthOIkZ1KFQvzxB1Vg2Kt5fqdvxKVODAFstJB2nE3uICnrOQmHlo/R/1rp0J/VQnOsWdgKmIFhFlFdFpWhI7m1ry7cuilHPdCHq+M83jGfTYVXulwbxDYv0LPHZGzCxoAnxZQM4r2HqwXTCZiRT/eP+fEv7A571aHb9GhJhQQQ0lStd1vhOJu1LlO3fe68SSKSye5CozKwvvlEwbag==</tns:SigningCert><tns:CACert>MIIEFzCCAv+gAwIBAgIFAc+WvjUwDQYJKoZIhvcNAQELBQAwgZgxEDAOBgNVBAMTB0RCR1JPT1QxCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MTEzMDAwMzAeFw0xMDEwMTEwMDAwMDBaFw0yMDEwMTEwMDAwMDBaMIGaMRAwDgYDVQQDEwdEQkdTV0RLMQswCQYDVQQGEwJESzETMBEGA1UEBxMKQ29wZW5oYWdlbjEQMA4GA1UECBMHRGVubWFyazEaMBgGA1UEChMRRGFuc2tlIEJhbmsgR3JvdXAxHDAaBgNVBAsTE0RhbnNrZSBCYW5rIERlbm1hcmsxGDAWBgNVBAUTDzYxMTI2MjI4NzczMDEwMTCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAOC0DrY9Q4HzHQ/BWr/RWB1GOq+90BiGN85uhWAeGGMI2od/ahn/R7zl8+MNcMLAuVHB8LvzRrC3lxZqjNvRKv8fYsMgwdmdYtBwiqHINpXTLjQxtLEWqEu5fiMZAi1oFE08YAkCDLUGopbkY+d2KULqxFK2blwHi3m0jOwuZGiw4ELeChGcELsOpCT/oJU5mR3dFHbRs3HBgWmuFwJKvwHNZeNAmrCwEUWqw1x4MjQRHRGl10TfTNqPrd7zyTfyR0+GPy1INxHwWZroBUc9j54ONX9pV6x835WedHdo80UxImjCiIruClzsMAXYtvsC3d9xgk9oLNFIVPRe2fTs07ECAQOjZjBkMB8GA1UdIwQYMBaAFLU6ie9kUC8x5CDLauuTRJBL35qYMB0GA1UdDgQWBBQO5nD7QkqlQCrxigdJncTYo20tIzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkqhkiG9w0BAQsFAAOCAQEAQPCp0H3g88CZZurq0kS76ozBVRiLZ3V8S0+IYi0dmMCfTpW/qnEzMGn+NlHOvgkm5C2VaHCdbEzZPsvv4cx2YrqpsFf8x+Ts6W2r3VVjOdve5u0Oj1CK/ONwaqUl5p4SxRCfnv6sSh6TwxhJF/zESiHXLdyWdJf+NkXsATE6QB4ZjgaGw1NcvhnDUvbbfUZ1zOTIf7+wUpfCNCJi0T1sFvJ88nYkVoQmVWQFS7Kwj+kwQ1ILfnp/1xbycrt1XNxZ8SkRDAWOJARY0fS/C0o7/1t/SB2ePrY/g0U8ZWi0B6odT5isGNpLOKzhD5YGjbKGesC9GEnhmhLoawXU7b4Wcw==</tns:CACert><tns:RequestId/><Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
3
+ <SignedInfo>
4
+ <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
5
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
6
+ <Reference URI="#response">
7
+ <Transforms>
8
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
9
+ <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
10
+ </Transforms>
11
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
12
+ <DigestValue>2vCYl3h7ksRgk7IyV2axgpXxTWM=</DigestValue>
13
+ </Reference>
14
+ </SignedInfo>
15
+ <SignatureValue>Vxs+AC28A9SGKjbuXKaWDZ3nxd1PW/JT5CJth7hGpv6+G/M/uiIKvHipdM5VilLdgPg8ocICJaKTPXg+pMzT2UkqgAQHBCh4JGBkIz0TR5tTppCs5pPO+rd/z6fGQU7gELLddh21pa58QtgAswgJtiIOupFG+wS5ocZTH//vryP/Rxh4VivMNg/jnvse2nETnchk+WCDl5iB0xbsuVRyAvFlw0SL1VWSqmLsDInoo8rQAFoc5A51mqP4ODaqSiK4shml7pOxj/JmRNrDQYOFuVoVIt/M/RTJWzc8nzXnnHc3ssSBKCsXv/x/mAmLBvBDpBOYQxLvu8zdFkLGZTGp+Q==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIEADCCAuigAwIBAgIFAMa3bfQwDQYJKoZIhvcNAQELBQAwgZgxEDAOBgNVBAMTB0RCR1JPT1QxCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MTExMDAwMjAeFw0xNDA3MDcwMDAwMDBaFw0xNjA2MjYwMDAwMDBaMIGXMQ8wDQYDVQQDEwZEUFNJR04xCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MzkxMDAwNDCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAMTopJ9GZXRkKm4Rq9M92EawXIfSI7VL0sykOzLfBzrgYMpqJ7rFxJe7nzECw22TeQ/3m4Gjnhe8XVaKSUDbfYfWzWD44iiZfecMaDZYIyR3g7GMwQowfwTqHhSEjFgfzH3QuGH2KGmqycvyuNGsbWjzvDAov8Yf7F88A4aOkseISO3Vmt2ElKm+gs09z7pwak6OxegDu5ZySS39kpTvq1DK3w2vXkEQGJUYOnDG/723v/hK3GjxclViu1OGSga7UJApjm3ky4s9EWoumf/vLBAnqRp6biOKnkGmOJEJlT00VWjaRoDarKOjgC7b/05Xp0ynDSOwqvTI92BdAQwfgEsCAQOjUjBQMB8GA1UdIwQYMBaAFIT65b/ekUlm38WKUsOzt7MgHMdtMB0GA1UdDgQWBBSh3exlGZ8eC4EiAVvbxenmc9faUzAOBgNVHQ8BAf8EBAMCBsAwDQYJKoZIhvcNAQELBQADggEBACjZJx8+UEcAYXJzstd+6E2wBNmmSvUTiuG7+Vws4+l4eqLLrHkhi66FOEwPdnf5/t8k7h5ry61aEf+HdUcQuYRrf7hJPkFjxaMcMGss4uURjVt/R/GhWMgu6cYgUIq0NHIMqdYH4dM/19qv7E+je2D3BuJOE3ucqe4Ywd+W2WP8HGlA3PkpMV78SPA9N/Usg3VX2KVbdS3idTpSMpxQftjWXmJtef0KawvYmYOw7i+eazHmv5mgxhgCvJSCPHN6oGS7v5AVVz9RCjSWEKIXZE0wRSLuTFYzt7/7CgRsdTVwpkFzn+ZJUAjYBPhZQ3Xn3p03DyCFsvtLxwE17UpUFUU=</X509Certificate><X509IssuerSerial><X509IssuerName>serialNumber=611262281110002, OU=Danske Bank Group, O=Danske Bank Group, ST=Denmark, L=Copenhagen, C=DK, CN=DBGROOT</X509IssuerName><X509SerialNumber>3333910004</X509SerialNumber></X509IssuerSerial></X509Data></KeyInfo></Signature></tns:CreateCertificateResponse></CreateCertificateOut></soapenv:Body></soapenv:Envelope>